According to the Identity Theft Resource Center. over 851 million data records have been involved in data breaches since 2005 in the US alone, and high profile data breaches are an almost daily occurrence in 2016. Put simply, breaches are skyrocketing. Stolen personal data, and stolen company data are flooding the markets, and people aren’t doing enough to protect themselves.
Even the US Federal Government, and LinkedIn are victims. It seems that no organization or business is immune to them.
But what actually happens to that data once it’s compromised?
The Underground Market
Data is what fuels the digital economy and it’s no different for hackers. Once data is stolen or falls into the wrong hands, it’s put on the marketplace. This is usually through forums or other sites on the encrypted Dark Web.
Generally speaking, stolen data includes a broad range of personal information including Social Security numbers, names, addresses, telephone numbers, credit card details, names of local bank branches and account login details.
Data thieves will sell this raw data to middlemen who will mix and match sets to compile profiles and create a full identity, featuring a compilation of one individual’s details.
Known as fullz, these packages are then sold on at a higher price. Fullz are highly valued as they allow criminals to create bank accounts or take out loans using an actual person. These can be difficult to track and can cause ongoing problems for the victim.
For data criminals, the holy grail is to get a full data set of a person that includes their social security number. Once they have such a set, a range of lucrative identity fraud can be perpetrated.
[Tweet “According to research by Quartz, high end fullz sell for up to $454.05 USD.”]
In terms of financial information, there’s a hierarchy. On their own, credit card details are actually not very highly valued due to the fact that going through them to find one that works is time-consuming and can have low rewards.
According to research by McAfee, the average price for stolen debit and credit card data is between $25 and $45 USD in the EU and a mere $5 and $30 in the US.
Bank account details are much more highly prized. The same report found that bank login credentials sold for $500 for a $6,000 account balance, and $1,200 for a $20,000 account balance in the US.
Protecting your business
With such a well organized and potentially lucrative black market it’s no surprise that data breaches are so common.
In addition to regular checks by security experts and having up to date security software installed, businesses should think about getting a second line of defense.
Employee monitoring software is one line of defense that is as close to all-encompassing as you can get because it can be installed on all of your company devices.
Any decent employee monitoring software will record exactly what apps and websites your employees use and help managers flag up any dangerous or unusual behavior.
Our software KnowIT, for example, can also be set to alert managers as soon as sensitive data is copied or accessed, so you’ll know the second it’s in danger.
Over to you
Has your data or your company’s data ever been stolen in a breach? Share your experience with us through the comments section below.