The Data Breach At The Va Affected The Records Of Approximately How Many People?

Man typing at his laptop computer at night — Approximately 86% of data breaches are about money, and 55% are committed by organized criminal groups, according to Verizon's annual data breach report.

Getty Images

Information breaches have become mutual, and billions of records are stolen worldwide every year. Most of the media coverage of data breaches tends to focus on how the breach happened, how many records were stolen and the financial and legal impact of the incident for organizations and individuals afflicted by the alienation. Merely what happens to the data that is stolen during these incidents?

Equally a cybersecurity researcher, I track information breaches and the black market in stolen data. The destination of stolen data depends on who is behind a information breach and why they've stolen a sure type of data. For instance, when information thieves are motivated to embarrass a person or organisation, expose perceived wrongdoing or better cybersecurity, they tend to release relevant data into the public domain.

In 2014, hackers backed by North korea stole Sony Pictures Entertainment employee information such equally Social Security numbers, fiscal records and salary information, as well equally emails among height executives. The hackers so published the emails to embarrass the company, possibly in retribution for releasing a one-act virtually a plot to assassinate North Korea's leader, Kim Jong Un.

Sometimes when data is stolen by national governments it is not disclosed or sold. Instead, information technology is used for espionage. For example, the hotel company Marriott was the victim of a data alienation in 2018 in which personal information on 500 meg guests was stolen. The fundamental suspects in this incident were hackers backed by the Chinese government. One theory is that the Chinese government stole this information as part of an intelligence-gathering effort to collect information about U.S. government officials and corporate executives.

But the bulk of hacks seem to exist about selling the information to brand a buck.

It's (More often than not) About The Coin

Though information breaches can be a national security threat, 86% are about money, and 55% are committed past organized criminal groups, co-ordinate to Verizon's annual information breach report. Stolen data often ends up beingness sold online on the dark web. For case, in 2018 hackers offered for sale more than 200 million records containing the personal information of Chinese individuals. This included data on 130 million customers of the Chinese hotel chain Huazhu Hotels Group.

Similarly, data stolen from Target, Emerge Beauty, P.F. Chang, Harbor Freight and Dwelling Depot turned up on a known online blackness-market site called Rescator. While it is easy to find marketplaces such as Rescator through a simple Google search, other marketplaces on the nighttime web can exist establish only by using special web browsers.

Buyers can purchase the data they are interested in. The most common way to pay for the transaction is with bitcoins or via Western Union. The prices depend on the type of data, its demand and its supply. For case, a large surplus of stolen personally identifiable information caused its price to drop from US$four for information nigh a person in 2014 to $one in 2015. Email dumps containing anywhere from a hundred thousand to a couple of million email addresses go for $10, and voter databases from various states sell for $100.

Where Stolen Data Goes

Buyers use stolen data in several ways. Credit card numbers and security codes can exist used to create clone cards for making fraudulent transactions. Social Security numbers, dwelling house addresses, total names, dates of nativity and other personally identifiable information can be used in identity theft. For example, the buyer can utilise for loans or credit cards under the victim's proper name and file fraudulent tax returns.

Sometimes stolen personal information is purchased by marketing firms or companies that specialize in spam campaigns. Buyers tin can too use stolen emails in phishing and other social engineering attacks and to distribute malware.

Hackers have targeted personal data and financial data for a long fourth dimension because they are easy to sell. Health care data has become a big attraction for data thieves in recent years. In some cases the motivation is extortion.

A practiced example is the theft of patient data from the Finnish psychotherapy do business firm Vastaamo. The hackers used the data they stole to demand a ransom from not only Vastaamo, but besides from its patients. They emailed patients with the threat to expose their mental health records unless the victims paid a ransom of 200 euros in bitcoins. At least 300 of these stolen records have been posted online, according to an Associated Press report.

Stolen data including medical diplomas, medical licenses and insurance documents tin also exist used to forge a medical groundwork.

How To Know And What To Practise

What can you lot do to minimize your gamble from stolen data? The get-go step is to observe out if your data is being sold on the night spider web. You tin use websites such every bit haveibeenpwned and IntelligenceX to come across whether your email was office of stolen data. It is likewise a good idea to subscribe to identity theft protection services.

If you accept been the victim of a data breach, you can take these steps to minimize the bear upon: Inform credit reporting agencies and other organizations that collect data about you, such as your health care provider, insurance company, banks and credit carte companies, and change the passwords for your accounts. You lot can also report the incident to the Federal Trade Commission to become a tailored plan to recover from the incident.