What's your digital data worth? Cyber-security experts say less than Rs 3,580

Stolen data may have limited resale value, but can be put to many uses.

ThinkStock Photos
MOSCOW: Your complete digital life - including data from your social media accounts, banking and credit card details - can be sold by cyber criminals for less than USD 50 (approximately Rs 3,580), scientists say.

While many of us have heard of, or even fallen victim to, cybercrimes such as data and identity theft, it seems that relatively few know the value of the information stolen from us.

Scientists from the Kaspersky Lab, a cybersecurity company in Russia, found that while our identity may not be worth a lot in terms of dollars, it is a significant asset to criminals in other ways.


The research uncovered an appetite among cybercriminals for data stolen from popular services -- including via social media accounts and remote access to gaming websites.

Hack_640x480_AP

User confusion about what their data is worth could result in a haphazard approach to security, making it all too easy for thieves to steal data and commit crime.

ADVERTISEMENT
Data stolen due to people's lax security may have limited resale value, but can be put to many uses.

This can cause huge problems for an individual victim, who may lose money and their reputation, find themselves being chased for debt that somebody else has incurred in their name, or even suspected of a crime that somebody else has committed using their identity as a cover.

When Japanese Firms Were Indicted Over Data Falsification Charges
1/5

By Viandra DSouza

Kobe Steel Inc, which has been charged by Tokyo prosecutors over data falsification, is just one of the many scandals that have rocked Japan in recent times.

By Viandra DSouzaKobe Steel Inc, which has been charged by Tokyo prosecutors over data falsification, is just one of the many scandals that have rocked Japan in recent times.

In 2016, the car manufacturer was caught in the dock for falsifying the fuel efficiency levels of many of their models.

It also faked data on auto and airplane parts affecting some 274 clients and had to bear a loss of Yen220 billion (around $2 billion).

The company’s valuation dropped by $3 billion after the scandal broke and its shares have tanked 40 per cent since.

In 2016, the car manufacturer was caught in the dock for falsifying the fuel efficiency levels of many of their models. It also faked data on auto and airplane parts affecting some 274 clients and ha..
Read More

Last year, this Japanese giant hit rock bottom as investigators found direct evidence of inappropriate accounting practices and overstated profits in multiple Toshiba business units.

Investors have sued the company in court for 16.7 billion yen ($162.3 million) in damages.

Last year, this Japanese giant hit rock bottom as investigators found direct evidence of inappropriate accounting practices and overstated profits in multiple Toshiba business units. Investors have s..
Read More

Earlier this month, Nissan was allegedly caught cheating on emissions data in a number of its factories across Japan.

Around 19 models, affected by incorrect testing environments, were sold and inspection reports were based on altered measurements. Stocks of the company fell hard after the scandal broke.

Earlier this month, Nissan was allegedly caught cheating on emissions data in a number of its factories across Japan. Around 19 models, affected by incorrect testing environments, were sold and inspe..
Read More

The car parts maker, in 2017, admitted that one of its subsidiaries forged quality-assurance data to mislead customers.

The company admitted to have violated Japanese law by deploying an improper fuel economy testing method in some vehicles in Japan since 2002.

The car parts maker, in 2017, admitted that one of its subsidiaries forged quality-assurance data to mislead customers. The company admitted to have violated Japanese law by deploying an improper fue..
Read More

Kaspersky Lab investigated 'Dark Web' markets to find out how much personal data is worth, and how it is used by criminals.

The dark web, also referred to as the darknet, is an encrypted portion of the internet that is not indexed by search engines. These networks use the internet but require specific software, configurations, or authorisation to access.
ADVERTISEMENT

The researchers found that criminals can sell someone's complete digital life for less than USD 50; including data from stolen social media accounts, banking details, remote access to servers or desktops, and even data from popular services like Uber, Netflix, and Spotify, as well as gaming websites, dating apps, and porn websites which might store credit card information.

Meanwhile, researchers found that the price paid for a single hacked account is lower, with most selling for about USD 1 per account, and with criminals offering up discounts for bulk-buying.
ADVERTISEMENT

Facebook Data Breach Making Headlines, Here's How Other Scandals Began
1/6
The Facebook leak was traced back to Aleksandr Kogan, an academic at Cambridge university. Here is the root of other such worldwide breaches.
(Image: Twitter/@AleksandrBKogan)
The Facebook leak was traced back to Aleksandr Kogan, an academic at Cambridge university. Here is the root of other such worldwide breaches. (Image: Twitter/@AleksandrBKogan)
In 2012, companies like Visa Inc licensee, J C Penney Co, JetBlue Airways Corp and French retailer Carrefour SA were attacked by hackers, resulting in a collective loss of up to $300 million. A Russian and Ukrainian gang hacked into the records for over seven years, breaching 8,00,000 bank accounts and stealing more than 160 million credit and debit card numbers. While his colleagues did the hacking, 32-year-old Russian Roman Kotov was charged with mining the data.
In 2012, companies like Visa Inc licensee, J C Penney Co, JetBlue Airways Corp and French retailer Carrefour SA were attacked by hackers, resulting in a collective loss of up to $300 million. A Russi..
Read More
While eBay’s database was hacked earlier in 2014, the news came out only in May that year. The online auction house went into damage control. Its then CEO John Donahue asked 145 million users to change their passwords, but said that financial information was stored separately and hence, remained safe. One mind boggling detail is that the unknown hackers had access to eBay’s accounts for 229 days.
While eBay’s database was hacked earlier in 2014, the news came out only in May that year. The online auction house went into damage control. Its then CEO John Donahue asked 145 million users to chan..
Read More
In 2007, more than 94 million customer accounts belonging to the department store group TJX were compromised. The man behind it, Albert Gonzalez, was also indicted in the Heartland Payment’s data breach, where hackers stole more than 130 million credit and debit card numbers from the payment processing system in 2008. College dropout Gonzalez used several screen names like ‘soupnazi’ (a reference to the popular Seinfeld episode), ‘kingchilli’ and ‘cumbajohny’ in the TJX hack. While Gonzalez was arrested in a Miami hotel, officials found $1.6 million in cash hidden in plastic bags in a drum buried at his parent’s backyard. The soupnazi was sentenced to 20 years in prison in 2010.
In 2007, more than 94 million customer accounts belonging to the department store group TJX were compromised. The man behind it, Albert Gonzalez, was also indicted in the Heartland Payment’s data bre..
Read More
The personal records of over 78 million customers were stolen in 2015 from American health insurance giant Anthem. Investigators suspected China’s role in the breach. Apparently, the hack happened in 2014, when just one user at an Anthem subsidiary opened a phishing email. It gave access to the company’s warehouse. In 2017, Anthem reached a settlement of $115 million — the money will reportedly be used to pay for an additional two years of credit monitoring for the breach’s victims.
The personal records of over 78 million customers were stolen in 2015 from American health insurance giant Anthem. Investigators suspected China’s role in the breach. Apparently, the hack happened in..
Read More
Literally every single Yahoo user account was hacked into. In September 2017, Yahoo confirmed that all of its three billion accounts were exposed as part of an August 2013 breach. In a separate incident in 2016, a hacker called Peace put up the company’s user information for sale in the darknet market site, The RealDeal. The news affected Verizon’s takeover of the company, knocking off $350 million from the sale price. Verizon bought out Yahoo in June 2017.
Literally every single Yahoo user account was hacked into. In September 2017, Yahoo confirmed that all of its three billion accounts were exposed as part of an August 2013 breach. In a separate incid..
Read More

The most common way criminals steal this sort of data in the first place is via spear phishing campaigns or by exploiting a web related security vulnerability in an application's software.

After a successful attack, the criminal gets password dumps which contain a combination of emails and passwords for the hacked services. With many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too.

Some criminals selling data even provide their buyers with a lifetime warranty, so if one account stops working, the buyer will receive a new account for free.

"It is clear that data hacking is a major threat to us all, and this applies at both an individual and societal level, because stolen data funds many social evils," said David Jacoby, Senior Security Researcher at Kaspersky Lab.

National Technical Research Organisation proposes creation of Indian National Cyber Registry

"Fortunately, there are steps we can take to prevent it, including by using cybersecurity software, and being aware of how much data we are giving away for free -- particularly on publicly available social media profiles, or to organisations," said Jacoby.

People can avoid such risks by taking several easy security steps, which should become an integral part of any Internet user's digital life.

To stay safe from phishing, always check that the link address and the sender's email are genuine before clicking anything. A robust security solution will also warn you if you attempt to visit a phishing web page.

To avoid one data leak harming all your digital identities, never use the same password for several websites or services, researchers said.
Download
The Economic Times Business News App
for the Latest News in Business, Sensex, Stock Market Updates & More.
READ MORE
ADVERTISEMENT

READ MORE:

LOGIN & CLAIM

50 TIMESPOINTS

More from our Partners

Loading next story
Text Size:AAA
Success
This article has been saved

*

+