Where Does Your Data Go After a Breach?

21 May 2015

With high-profile data breaches in the news more often than ever before and the threat of cyber thieves looming large, there’s one question on everyone’s mind: What happens to the data that’s stolen in a breach? We all know that it can be used for credit fraud and identity theft, but where does it go and how many people view it?

As it turns out, a lot more happens to stolen data than you might think. A recent experiment by American data protection company Bitglass showed that data sets travel around the globe in a matter of weeks, garnering thousands of views.

The company set out to see what would happen to personal data released on the web by creating an Excel spreadsheet of about 1,500 fake names and their fabricated information, including credit card numbers, Social Security numbers, addresses and phone numbers. The file was marked so that every time it was opened, it would transmit information back to the company about the device, location and IP address it was opened from.

After posting the file to so-called “cyber-crime marketplaces on the Dark Web”, the company found that it took off immediately, ending up in 22 countries across five continents over the course of two weeks. The data was viewed more than a thousand times and downloaded 47 times.

The countries where the information was accessed the most were Nigeria, Russia and Brazil, which also have some of the highest rates of cyber criminal activity. The researchers were actually able to track activity that seemed to indicate that the data was being shared among organized crime syndicates in Nigeria and Russia. Clusters of related downloads and shares showed that these syndicates were having the data reviewed for authenticity by multiple members before sharing it elsewhere.

Eventually, the data ended up on many more Dark Web sites than it had originally been shared on, indicating that these syndicates don’t mind sharing this type of information endlessly with their peers. What this means for individuals who have had their data stolen in breaches is that, unfortunately, it has probably been spread all over the world, making recovery very difficult.

If you discover that your personal information has been compromised in a data breach, there are a few steps you should take immediately in order to minimize the damage the breach will cause you:

  • Contact the company for details. The company whose data has been breached is responsible for telling you exactly what information has been shared and how they’re taking action to remedy what has happened. If only relatively easily accessed information like your name and address has been shared, you may have less cause for concern, but if your credit card or Social Insurance number has been compromised, you definitely have cause for concern.
  • Change your passwords. Make sure it isn’t easy for someone with your information to impersonate you online by changing all your passwords as soon as you hear about the breach.
  • Let your bank know what has happened. If your financial institutions are aware that your information has been compromised in a breach, they’ll be more prepared to deal with potential fraudulent charges on your accounts.

One good way of keeping track of your finances in the aftermath of a data breach is to sign up for a credit monitoring service to alert you to certain kinds of activity in your credit files that may indicate theft or fraud.