
I kinda agree with the low probability, but you also ignored the article (he’s faking Mastercard), and I see 12 digits not 14.

Also, not every valid number will be used (e.g. all 0s won’t be an option), and every number doesn’t need to be valid at the same time. If I renew 25 cards, their numbers are burned with no reuse.

That’s a long way to say, I’m not a fan in general of throwing in naive probability calculations and calling it a day.



Correction, there’s actually only 7 digits at most of randomness

https://news.ycombinator.com/item?id=31605950


There are generally 9 "random" digits in a 16-digit Visa/MC card number.

The BIN/IIN is traditionally the first 6 digits. Extended BINs can be 8-11 digits, which is like subnetting -- the BIN sponsor can delegate assignment control of an extended BIN range to another entity. So in some cases, there can be as few as 4 "random" digits in the full card number (PAN).

E.g.:

  BIN     "random"  Check
  411111  111111111 1

  ExtendedBIN "random" Check
  41111111111 1111     1

If you were sweeping a PAN range for live numbers, you'd start with a known-valid BIN, probably 6 or 8 digits. Then randomly choose the next 9 (or 7) digits, and then calculate the check digit.

We can't know the likelihood of hitting a valid number without knowing the count of assigned PANs in that BIN, but clearly the capacity would be 1 billion (or 10 million) possibilities.
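The PAN layout from the comment above, as an added example that is not part of the original thread: it splits a 16-digit PAN into BIN, "random" digits and check digit, verifies the Luhn check digit, and reports the capacity behind a given BIN length. The function names and the assigned-PAN count passed to `hit_probability` are assumptions made for illustration.

```python
"""Split a 16-digit PAN into BIN / "random" digits / check digit (added example)."""

PAN_LENGTH = 16  # Visa/MC length discussed in the thread


def luhn_check_digit(payload: str) -> int:
    """Return the Luhn check digit for a PAN with its last digit removed."""
    total = 0
    # Walk right to left; the digit next to the check digit is doubled first.
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def split_pan(pan: str, bin_len: int = 6) -> dict:
    """Break a PAN into the fields from the comment and verify its check digit."""
    digits = pan.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit()) or len(digits) != PAN_LENGTH:
        raise ValueError("expected a 16-digit PAN")
    if not 6 <= bin_len <= 11:
        raise ValueError("BIN length must be 6 to 11 digits")
    payload, check = digits[:-1], int(digits[-1])
    return {
        "bin": digits[:bin_len],
        "random": payload[bin_len:],
        "check": check,
        "luhn_ok": luhn_check_digit(payload) == check,
        # Every issuer-assigned digit multiplies the search space by 10.
        "capacity": 10 ** (len(payload) - bin_len),
    }


def hit_probability(assigned_pans: int, bin_len: int = 6) -> float:
    """Chance that one Luhn-valid guess in a BIN is an assigned PAN.

    assigned_pans is an assumption supplied by the caller; the thread notes
    that the real count for a BIN is not known from outside.
    """
    capacity = 10 ** (PAN_LENGTH - 1 - bin_len)
    if not 0 <= assigned_pans <= capacity:
        raise ValueError("assigned count must fit inside the BIN capacity")
    return assigned_pans / capacity
```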



