This past March, I published a white paper looking at how some applications hash credit card numbers and how vulnerable these hashes are to brute forcing. I developed a proof of concept to roughly estimate the timings (about 2 million hashes per second). Looking ahead, I estimated with additional optimization, multi-threading, and faster processors probably 50 million hashes per second is achievable.
Well, I was probably off by a factor of at least 5 on my future estimate. Elcomsoft announced this week that it has filed a patent for a technique to use the "massively parallel processing" capabilities of the GPU on a video card to brute force passwords. Others have also been doing research in this area.
A better estimate is at least 200 million hashes per second for a single pass of SHA-1 or MD-5 and I wouldn't be surprised if someone could achieve 500 million hashes per second in the near future. This would allow someone to brute force all possible unsalted SHA-1 hashes in just 10 days rather than 3 years. Adding intelligence with regards to brands and common issuing bank prefixes, most of the brute force times are reduced to minutes or seconds. Storing plain-text digits (prefix and/or last 4) makes brute forcing a trivial exercise.
When hashing credit card number, the hashing must be carefully designed to protect against brute forcing by using strong cryptographic hash functions, large salt values, and multiple iterations.