Another week has gone by, a week full of interesting publicly-reported U.S. data compromises. This week on the Identity Theft Resource Center’s Weekly Breach Breakdown podcast, we are focusing on cyberattacks and data breaches that help us put a price tag on people’s personal information – including EDP Renewables’ ransomware attack, a Twitter data breach that exposed Slack user information and much more.
In the 1980s, hacking started to become a thing. For the most part, hackers were young, smart and motivated by the challenge of breaking into the phone company or the Pentagon. As the ITRC’s COO and podcast host James Lee says, “the payout was street credibility.” Today, hackers are known as threat actors, and they are looking to steal people’s personal information simply because they are motivated by greed. Stealing someone’s personal information is not so much about breaking into someone’s bank account as it is stealing users’ logins and passwords from a company to dupe them into paying a fake invoice (from said company) or infecting a company’s systems with ransomware.
Earlier this year, security research firm SentinelOne estimated that ransomware cost U.S. companies $7.5 billion in 2019. That number is expected to increase because the average ransom paid is going up. According to Security Boulevard, in six months between October 2019 and March 2020, the average ransom payment went from $44,000 to more than $110,000 an attack.
Originally, data thieves were content with just locking up a company’s files and walking away if they did not get paid or releasing the files back to the company if they did. Now, however, cybercriminals specializing in ransomware are using more sophisticated attack software and bolder tactics. Attackers are downloading sensitive personal information before they notify their victims instead of just sending a ransom note after locking files, turning a basic cyber hold-up into a classic data breach.
This past week, EDP Renewables, a European energy company that serves 11 million customers in the U.S., confirmed it was the target of a ransomware attack with a $14 million price tag. Customer information was breached as part of the attack. In ransomware attacks like the one on EDP Renewables, the stolen information is used as leverage to force companies to pay the attackers. EDP Renewables did not pay. Demands like the one in the EDP Renewables ransomware attack make it easy to calculate the value cybercriminals put on identity information.
Another way to tell the value of personal information is to look at the price data commands in one of the Dark Web’s illicit marketplaces – where stolen information and identities are bought and sold. Earlier in July, data thieves posted a database of customer information from Live Auctioneers, an auction website that allows people worldwide to bid on auctioned items in real time. The complete set of 3.4 million records is for sale starting at $2,500.
However, not all data is as valuable as other pieces of information. For example, a credit or debit card could be worth as much as $11 or as little as $1. Workspace tool Slack is learning its user information is not as valuable to data thieves, at least right now. A recent Twitter data breach exposed Slack user information. According to security researchers at KELA Group, 17,000 Slack credentials from 12,000 company workspaces are for sale on the dark web for as little as $0.50 and as much as $300. Despite the low price, no one is taking advantage of the Slack data from the Twitter data breach – posts offering the Slack credentials are nearly a year old. The reasons why cybercriminals are interested in some data and not in other data can vary. Right now, however, data thieves are not interested in the Slack user information because, as popular as Slack is with users and Wall Street, Slack channels are rarely filled with the kinds of information cybercriminals want.
For more information about the latest data breaches, people can subscribe to the ITRC’s data breach newsletter. Keep an eye out for the ITRC’s new data breach tool, Notified™. It’s updated daily and free for consumers. Businesses that need access to comprehensive breach information for business planning or due diligence can subscribe to unlock as many as 90 data points through one of three paid tiers. Subscriptions help ensure the ITRC’s free identity crime services stay free. Notified launches in August.
If someone believes they are a victim of identity theft or have been impacted by a data breach, they can call the ITRC toll-free at 888.400.5530 to speak with an expert advisor. They can also use live-chat. Finally, victims of a data breach can download the free ID Theft Help app to access advisors, resources, a case log and much more.
Join us on our weekly data breach podcast to get the latest perspectives on the last week in breaches. Subscribe to get it delivered on your preferred podcast platform.