Stolen User Data Sells for as Little as $1 on the Dark Web

Online data breaches and stolen user details are becoming a sad reality of life on the internet. Whether it’s the infamous Ashley Madison hack or a phishing attack, it’s tough to stop your information from falling into the wrong hands. You might be surprised, however, how much your personal data is worth. According to a new report from Trend Micro, entitled “Understanding Data Breaches”, user data is being sold on for as little as one dollar on the dark web.

Trend Micro also found, thanks to the Privacy Rights Clearinghouse Data Breaches database, that only 25% of data breaches between 2005 and 2015 were due to online hacks. The most common breaches are inside jobs, committed by employees of a company, as well as device skimming and physical theft of laptops, flash drives, and mobile devices.

Credit and debit card details are still being most effectively gathered via skimmers or cameras connected to an ATM or point-of-sale terminals, or by hardware keyloggers on cash registers, rather than by online methods.

Much of this stolen data is then sold on through the dark web, with bank details fetching up to $500 per account, PayPal and eBay accounts going for around $300, while US mobile accounts can go for as little as $14. Personally identifiable information (PII) – name, address, date of birth, and social security/national insurance number – sells for $1 per line, which means that the tiny sum of $4 can effectively buy a person’s identity. Bump that fee up to $25, and a full credit report on that person is yours.

Thank you ZDNet for providing us with this information.

Image courtesy of WIRED.