Dark Web Data Breach Leads to Thieves Stealing from Thieves

Date: 06/06/2020

Since 2005, the Identity Theft Resource Center (ITRC) has built one of the most comprehensive repositories of publicly reported data breach information in the U.S. that is updated daily. In the last 15 years, the ITRC has tracked over 10,000 breaches

Data breaches target different companies and sectors using a variety of attack vectors (the way threat actors commit an attack). Most recently, it was a group of hackers that stole a database of information from another group of cyber criminals as part of a dark web data breach. Hacker KingNull recently leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider on the dark web. 

The information leaked in the dark web data breach was obtained in March 2020 when a hacker breached the DH portal, stole the database and wiped the servers of close to 7,600 websites, a third of all dark web portals.

The dark web data breach was confirmed by ZDNet and included over 3,500 email addresses, 7,000 account passwords and 8,500 private keys for .onion domains used on the dark web. Some security researchers say the leaked data could be used to link owners of the leaked email addresses to some dark web portals, which could help law enforcement track those who might be running or taking part in illegal activities on the dark web.

Another recent data breach the ITRC has tracked involves LiveJournal, a blogging and diary website. Cybersecurity researchers believe the platform was breached in 2014, which would ordinarily require a data breach notification to users. However, LiveJournal's owner, the Rambler Group, says the breach never happened. In fact, they believe the usernames and passwords were collected from various other malware and brute-force attacks.

However, the database, which contains credentials for over 26 million LiveJournal accounts, has been leaked online and is being sold on the dark web and in hacker forums. Exposed information includes email addresses, passwords and usernames for members of the blogging service. The LiveJournal data breach illustrates how patient data thieves can be, holding onto data for years before using or selling it. This is a common trait seen among hackers that helps increase the value of stolen data and reduce the chances of getting caught.

Finally, Illinois, Arkansas, Colorado, Ohio, Florida and, most recently, Kentucky all suffered unemployment department data exposures due to their quick response in setting up convenient, DIY websites for those seeking unemployment benefits due to closures from the coronavirus. Some of the states identified a common vendor as the source of the glitch, and all states believe they were able to fix the problem within hours of being notified. Fortunately, none of the six states have found any evidence of a cyberattack or any personal information being stolen. However, the affected states notified applicants and offered free credit monitoring to help spot any unusual activity, which could be a sign of identity theft.

The recent unemployment data exposures are a good example of how not all data compromises are the same. While some news headlines referred to these incidents as data breaches, they are not actually breaches because the information was never downloaded from the computer system where the information was stored.

This is considered to be a case of data exposure: because of a software error, the personal information of applicants could be viewed by other applicants if they knew where to look, and the error was corrected before cybercriminals could find the flaw. Only if someone viewed the information and then attempted to misuse someone’s identity would the event turn into a data breach – a very rare event in the privacy and security world.

A data breach is far more serious than a data exposure. A data breach is when information is intentionally removed, usually to commit an identity crime. Mass data breaches are typically committed by well-organized groups that can exploit software flaws, use stolen login credentials or trick an employee into doing something that allows attackers to access a company’s information.

If someone believes they had their information exposed as part of a data breach or is a victim of identity theft due to a data breach, they can live-chat with an ITRC expert advisor. They can also call toll-free at 888.400.5530. Advisors can help victims create action plans tailored to them.
