Stolen IDs Go For Cheap In The Internet’s Underworld

You’re cheap, let’s face it.

Or, rather, your stolen identity is cheap.

CNET reported Wednesday (Sept. 23) that amid all the headlines that cross various media on a seemingly daily basis about data breaches and identity theft (and even international relations), the price tag attached to that ill-gotten bounty is surprisingly low. A new report by Trend Micro, titled “Understanding Data Breaches,” examining the who, what, how and when of data theft – and where that data goes after the fact — found a number of overarching themes.

With aid from the Privacy Rights Clearinghouse Data Breaches database, the security firm discovered that malware or hacking was part of only 25 percent of total data breaches dating back from 2005 to April 2015. Most commonly, corporate insiders, device theft and use of skimming technology were among the top drivers of data loss. Payment service providers are proving to be increasingly favored targets among cyberthieves, with a jump in card-related data breaches of as high as 169 percent over the past five years — a feat made possible by card-skimming at terminals or ATMs and even keyloggers at cash registers. Favorite industry for data theft? It’s health care, with government, retail and education following it. And, of course, everyone expects cyberattacks to increase.

Trend Micro found that personally identifiable information, or PII, remains the favorite type of data to take, ahead of financial data. Within the Internet’s Dark Web, PayPal and Uber accounts, and even gaming accounts, are tools for trade, sale and financial gain. As the study found, U.S. mobile operator accounts can change hands for a $14 price tag, with other accounts ranging across eBay, PayPal and others going for $300 a pop, and Uber is getting a lot of play as a means for the proverbial free ride. Bank accounts also fetch a few hundred dollars each, with the price tied to the balance in the accounts.

In discussion of the economics of the Dark Web, bulk-buying lowers price, and this indicates large-scale data theft. Cards that have not been originated in the U.S. grab higher prices than those that are from here.

Drilling down to PII, sales per line grab a paltry $1, and each line sports a name, address, Social Security number and other data. The going rate used to be $4 per line, but so much data has flooded the black market that the laws of supply and demand have kicked in. Full credit reports carry a steeper price tag at $25 each.

To check out what else is HOT in the world of payments, click here.



The PYMNTS Cross-Border Merchant Friction Index analyzes the key friction points experienced by consumers browsing, shopping and paying for purchases on international eCommerce sites. PYMNTS examined the checkout processes of 266 B2B and B2C eCommerce sites across 12 industries and operating from locations across Europe and the United States to provide a comprehensive overview of their checkout offerings.