Data is the ultimate “black gold” of the digital economy. The commercial significance of personal data is undisputed, with a bustling economy that supports a giant database of managing personal information. Importantly, the dark web has established a booming economy within its corridors, where personally identifiable information (PII) is routinely sold or rented with the sole intention of realizing financial gains.
In recent times, reports have emerged about a 2019 case of a massive data breach where MGM Resorts International (MGM) was infiltrated – leading to the access of personal data belonging to 10.6 million guests and its subsequent distribution on the dark web.
Aside from personal data of regular visitors to the resorts, some of the leaked information included the personal and contact details of public figures, tech leaders, journalists, government operatives and persons associated with some of the most valued tech companies on the planet. Among the rumored celebrities affected by the MGM data breach are music icon Justin Bieber and Twitter’s CEO Jack Dorsey.
While speaking to ZDNet, an MGM spokesperson confirmed the authenticity of the incident in which stolen data, which was shared on an online hacking forum this February, had been the outcome of a cybersecurity incident in 2019.
In a statement, MGM confirmed that the organization has detected unauthorized access to a cloud server holding a limited amount of information belonging to former guests of the resorts. An internal investigation exercise pointed the data breach to activities of the GnosticPlayers, a group of hackers that are said to have dumped a billion user records in 2019 alone.
A Silver Lining for MGM
Point to note, MGM confirmed that the personal info that was breached did not fit the classification of financial data, including payment card information and passwords.
In addition, it is prudent to realize that the MGM breach is dwarfed by the 2018 breach of Marriot, an incident that led to the exposure of data belonging to 500 million guests found in the organization’s Starwood reservation system.
Still, away from the hotel industry, the largest data breach in recent time is undoubtedly that of Yahoo in 2013 – in which 3 billion user accounts were affected.
Stolen Data on Demand
There are various types of data for sale on the dark web, but we shall focus on a few main ones.
Arguably, financial data tops the list of the most common forms of personal information that is traded online.
Financial data has been implicated in many cases involving data breaches that target user payment card information. Expectedly, retail organizations form the bulk of entities that have suffered financial data theft for a long time.
Login access is another type of data used by criminals to perpetrate fraud-related crimes. Login access denotes the information necessary for permitting entry to organizational systems within defined networks. Entry types include the simple kind (login details) and the more technical forms that may be used by criminals to permeate through cyber security protocols.
Access to online services refer to personal data used in digital subscriptions. Netizens access online content through subscription plans provided by websites.
It is quite surprising to realize that this form of data appeals to dark web criminals that apply it as fraud fodder. When stolen, this type of data can be used to breach online accounts with the aim of carrying out illicit activities. In this regard, the credentials of a legitimate account owner may be used to make online purchases owing to the criminal possession of stored credit card information.
Moving further, health records are on high demand in the hidden web. In fact, it is said that stolen medical information is several times more valuable than financial data sold on the dark web.
But why?
See, data breaches involving medical data are hard to detect since most patients would take a long time to discover the theft. This is a sharp contrast with cases involving financial data where a victim may notify their bank about a data breach, which would solve the problem forthwith.
Tap here to join the discussion
