Stolen identities selling for just £10

data breach

According to a report by The Independent[1], the personal data of UK citizens is selling for as little as £10 on the dark web.

The dark web is a hidden section of the internet which allows users to remain anonymous and untraceable. It is popular with cybercriminals looking to buy and sell data.

A full ID package – which usually includes the name, address, online passwords, banking data and other identifying information of an individual – is also being offered for sale on several popular online black markets. Other available information includes the logins for dating apps, streaming services, online shopping sites and social media profiles. The data offered provides more than enough information for hackers to carry out online fraud and identity theft.

In addition to the available personal information, the report highlights how hackers are using the dark web to find guides on how to use this information. For example, for just £6 cybercriminals can buy a “how to obtain loans” guide which gives step-by-step instructions on how to take out a loan using stolen data. The guide does not require any special skills to follow the instructions.

Worryingly, the availability of such information seems to be on the rise; not least because a series of high-profile hacks have seen the data of hundreds of millions of people exposed.

The report also warns that the “public has little to no sense of how much of their data has been compromised”. Indeed, cybersecurity experts believe that it is not a question of whether a person has been hacked, but how many times. As such, the key is to minimise any risks.

How to protect yourself from cybercriminals

There are steps you can take to protect yourself even if your data is available to hackers. This includes:

  • Contacting your bank/credit card provider if you are worried that your banking details have been exposed
  • Being aware of common phishing techniques and keeping an eye out for fraudsters who attempt to gather additional personal information
  • Avoiding clicking any links or opening any attachments within suspicious emails
  • Reporting any suspected phishing attempts to the police and relevant authorities
  • Looking out for any bills or emails showing goods or services you haven’t ordered, or any unfamiliar transactions on your account and alerting your bank or card provider immediately if there is any suspicious activity
  • Monitoring who you accept into your social media circles
  • Keeping an eye on your credit score for any unexpected dips
  • Calling Credit, Experian and Equifax to ensure credit isn’t taken out in your name
  • Being aware of any unsolicited communications that refer you to a web page asking for personal data
  • Registering with a suitable fraud prevention service
  • Enabling two-factor authentication on accounts that support it
  • Regularly changing your passwords on all your accounts
  • Using different passwords for all websites and apps
  • Using a secure password service
  • Never automatically saving your card details online.

You can find out if your data has been hacked at sites such as Have I Been Pwned.

Claiming compensation if your data has been put at risk

At Hayes Connor Solicitors, we help our clients to make compensation claims after their data was put at risk by the organisations they trusted to look after it.

In some cases, these data breaches are massive news stories following hacks against the likes of Ticketmaster, Equifax and British Airways. But, every day, we also help people come to terms with smaller data breaches that have a severe and often lasting impact on them.

The impact of cybercrime can be devastating. For example, following last year’s Ticketmaster data breach, 63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards. What’s more, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

In most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests. The only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements is by hurting their bottom line.

If you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

[1] https://www.independent.co.uk/life-style/gadgets-and-tech/news/dark-web-id-value-hackers-cyber-crime-a8683821.html