AFTER THE BREACH: What Happens to Stolen Data


3 University of Nebraska | 650,000 | 2012

3 Yahoo | 3B | 2013 3 Target | 110M | 2013 3 eBay | 145M | 2014 3 Home Depot | 56M | 2014 3 Equifax | 147.9M | 2017 3 Marriott | 500M | 2018 3 Twitter | 330M | 2018 3 Facebook | 87M | 2018 3 Google+ | 52M | 2018 3 Panera Bread | 37M | 2018 3 Ticket Fly | 27M | 2018

3 Prairie Fields Family Medicine (Fremont, NE) | 6,450 | 2018

3 UnityPoint Health (Iowa) | 1.4M | 2018

Over the last 10 years, there have been many major data breaches, including Target, Sony and Equifax. And even if you don’t hear about them, smaller scale hacks are happening all the time – even in Iowa and Nebraska. It’s terrifying to imagine your data getting into the wrong hands, but exactly who is getting the information? And how does it get there?

Typically, stolen data ends up on the dark web. The dark web is internet content that exists on overlay networks called darknets. Although they work using the internet, they require specific authorization, configurations or software to access. On the dark web, IP addresses are encrypted so that everything is anonymous and untraceable. This makes it a hotbed for illegal activity.

Due to the encrypted nature of the dark web, it’s incredibly difficult to track exact- ly where data goes. Generally, it finds its way to an online marketplace to earn the hacker a quick buck. Darknet markets operate like black markets, selling illegal goods such as drugs, weapons, forged documents and stolen data. Transactions are made using bitcoin or other currencies that cannot be tracked.

Stolen data is one of the largest commodities traded on the dark web and can prove quite lucrative, depending on the information. Credentials are typically sold in bulk with a constantly changing value. Banking credentials tend to be among the most expensive because they can be monetized directly through fraudulent transactions. The most common credentials up for sale are e-commerce and email credentials. Oftentimes, stolen emails are used to launch spam campaigns and spread malicious files. Unfortunately, due to the fact that many people reuse their passwords, a single breach of an account can mean access to dozens of unrelated accounts.

Data sold on the dark web quickly ages. The longer it’s out there and the more it’s been used, the lower the value. The more information about an individual the data seller holds, the better. For example, a random credit card number may sell for $5 to $8, but if the seller also has the card holder’s PIN number, date of birth and address, the price gets much higher.

As mysterious and menacing the dark web and its darknet marketplaces sound, there are simple things you can do to keep yourself safe. Set strong, unique pass- words (different for each account), be aware of phishing scams and keep an eye on your bank and credit card accounts to catch any fraudulent transactions.

Act quickly if you suspect your personal information has been stolen. If you have an account with a company that reports a breach, change the password immediately. While you can’t always prevent your data from being stolen, reacting quickly can help minimize the damage. Stay safe!

Source: Equinox IT Services 18 | The Retailer Magazine | Mar/Apr

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36