Last week, we reported that nearly 20,000 Pakistani debit cards were put up for sale on the dark web. Now, cybersecurity firm Group-IB has found out that earlier this week, a new dump of whooping 177,878 appeared on the dark web.

The report noted that the new dump appeared on the dark website Joker Stash on November 13. From the total number of cards, there were 150,632 cards of Pakistani banks, 16,227 cards of other regions’ banks, and 11,019 cards of undefined banks.

The report further notes cards issued by Habib Bank accounted for nearly 20 percent of the dump.

“Card dumps are usually obtained by using skimming devices and through Trojans infecting workstations connected to POS terminals. The large part of compromised card data is sold in specialized card shops, such as Joker’s Stash.” said Dmitry Shestakov, Head of Group-IB Cybercrime research unit. “Group-IB Threat Intelligence continuously detects and analyses data uploaded to card shops all over the world.”

He added that the dump wasn’t mentioned anywhere earlier on dark web forums or card shops.

Group-IB notes that the estimated value of the dump is $19.9 million. The sale price for the cards was anywhere between $17 to $160.

This new incident points to glaring holes in Pakistani banks’ security systems. They will need to investigate and take the right measures to ensure safety for their customers.

Read next: Twitter says the Bitcoin scam wave came from third-party app