Ever wondered how much your personal data could be sold for on the dark web? A recently published report from online privacy and cybersecurity resource VPNOverview seems to answer that question (and others) in depth.
Titled “In the Dark,” the report offers detailed price breakdowns of different kinds of stolen personal information, including financial accounts and cards, social media accounts, bank details, phone numbers, credit histories, passports, drivers licenses, and even access to breached databases. The report also mentions certain websites on the dark web that act as marketplaces for stolen personal information, such as Financial Oasis and PayPal Cent.
For personal information related to financial accounts and cards, the report offers a list of different kinds of example accounts and cards (PayPal, Cashapp, Amazon gift cards), pairs them with certain values (usually the current balances of these accounts) and then provides the price at which a hacker would sell this information. For example, personal information for a PayPal account valued at $12,000 would then be sold for $1,200. And surprisingly, bank cards valued within a range of $800 to$1,000 would only be sold for $79.
The report also notes how much it would cost to gain access to a person’s social media accounts, personal information (which apparently includes names, addresses, credit histories, and phone numbers), and bank details. To gain access to someone’s social media accounts, VPNOverview asserts that someone can purchase that access “for as cheap as $12.99.” A victim’s personal information can be sold at a price ranging from $40 to $200. And bank details have a price range of $50 to $200. And we haven’t gotten to the insane stuff yet.
VPNOverview’s report also includes price breakdowns for what appears to be forged passports, drivers licenses, and ID cards for 19 countries. The forged documents are a “combination of accurate personal information and a convincing forgery.” For example, according to the report, a forged U.S. passport would cost $777, and a passport plus a driver’s license would cost $888. Similarly, a U.S. passport and an ID card would also cost $888. But a combination of all three documents (a passport, ID card, and a driver’s license) would cost $999.
But the report’s investigation didn’t stop there. The most interesting tidbit was left for close to the end of the report and involved something on everyone’s minds lately: Data breaches. Apparently hackers can also sell access to the breached databases of various companies. And the report actually lists a few companies with breached databases, the costs for access to these databases, and the number of records a person would have access to once they purchased that access. For example, according to the report, the entertainment app Dubsmash had a data breach and access to Dubsmash’s breached database costs $4,995. And that price gets you access to 15,500,000 records. Other companies with breached databases up for sale include Armor Games, MyFitnessPal, and MyHeritage.
In an emailed statement sent to Digital Trends, comments from VPNOverview’s cybersecurity analyst, David Jansen, shed a little light on why VPNOverview researched all this in the first place.
“We conducted this research into the dark web to raise awareness of the dangers of identity theft and to help educate the public on the serious risks surrounding your digital security and online identity,” Jansen explained. “Our findings show that thieves and hackers could easily gain access to your most important accounts and spill your information on the dark web, where it is sold for next to nothing and used for all sorts of malicious purposes. The large-scale availability of stolen and counterfeit passports, driver’s licenses, and online accounts leaves us all vulnerable to identity fraud and cybercrime.”
- Hackers are trying to sell a haul of more than 73 million user records
- How to access the dark web
- The best password managers for 2020
- Protect your privacy with Dashlane password manager, and how to sign up
- Quibi, JetBlue, and more leaked your email to advertisers, report finds