dcsimg

Experian Warns of Surge in Personal Data Being Traded Online

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

According to Experian, 19.7 million pieces of personal information were illegally traded online in the first six months of 2012 -- that's more data than was traded online in all of 2011, when 19.04 million personal records were traded.

"Data are sold by hackers on auction-like black market sites, where information to authenticate credit card accounts sells for $1-$30 an account depending on the card credit limit. Passwords for email accounts sell for $1-$20," writes The Financial Times' Maija Palmer. "About 90 per cent of illegally traded personal data involves the combination of an account name and password, Experian said."

"The publication of the figures coincides with the start of [the UK's] National Identity Fraud Prevention Week, which the company has also marked by releasing the results of its Life In A Box experiment," writes IT PRO's Caroline Donnelly. "The initiative was designed to shed light on people’s online security habits by placing a volunteer in a shop front for a week with nothing more than a laptop. The volunteer, Steve, was set a number of online challenges to test the strength of the password and username combinations he used and how easy it was to uncover personal information about him online."

"The experiment found that although Steve showed himself to be a savvy web user, like many people he made basic security mistakes in his hurry to get things done," writes TechEye's Andrea Petrou. "This included using the same password across multiple accounts, failing to update his web browser to a newer, more secure version, and he didn’t check that websites were secure by looking for the padlock icon when making online purchases. From this, Experian said it was able to deduce that all of the eight temporary email addresses used by Steve were taken over within five hours, with the majority of credentials hijacked within five minutes."

Submit a Comment

Loading Comments...