FireEye recently issued a report that indicates that bank card data of over 20 million individuals has been compromised since 2014. According to the report, point of sale attacks that have affected the retail and hospitality industries will continue while companies are in the process of implementing chip-and-pin cards and fraudsters are targeting magnetic card systems in the interim.

According to FireEye, it has seen 20 million stolen credit cards available for sale in the underground marketplace by a group dubbed FIN6 for $21 apiece, which all told could rake in over $400 million. These cards were stolen in one incident, and the victims were mostly from the U.S.

The malware used to compromise the data as Grabnew, which is also known as Vawtrek and Neverquest.