When it comes to breached data, the expression “the horse is out of the barn” comes to mind. At this point, there have been so many massive breaches that a startling number of Americans just have to make peace with the idea that their data is out there and potentially up for grabs.
Unless, of course, innovation comes up with a better way to head off those secondary crimes.
Baltimore’s Terbium Labs, for example, has made crawling the Dark Web — where large batches of stolen credit card data and most other imaginable categories of personal information are on the block — its stock-in-trade.
AllClear ID (previously known as Debix) doesn’t just monitor credit but also data turned over to the FBI-affiliated National Cyber-Forensics & Training Alliance. When customers’ information shows up in that central database, AllClear ID sends them a notice. As of today (May 9), another firm will also start collecting breached data directly from the companies that were hit. The idea is that, with foreknowledge, banks can focus on monitoring accounts of customers more likely to be the target of future cyberfraud.
The “Compromised Identity Exchange” — as it is being called — is to charge those most likely to be hit with follow-on fraud for access to information that reduces their risk. Handing over breach data is free for firms.
The service is being run by a company called XOR Data Exchange, which says it can produce useful data faster by hearing from the victims instead of trolling the Dark Web, where it may already be too late by the time it appears.