The Three Kings of Data Thievery
It has become commonplace for personal data, medical data and credit card data to be at risk for a security breach. Credit card processing services that remain PCI complaint are able to mostly avoid these risks, but not all companies see PCI compliance as vital to their business. Big name companies like Zappos and Global Payments have already felt the sting of this just this year. Unfortunately for them both, they made headlines for all the wrong reasons: a credit card information breach. Another high-profile data breach was attributed to a claim made by a group of hackers. These hackers said that they had breached Apple through an FBI agent’s laptop and had acquired the personal information for millions of Apple device users.
Those responsible for these types of breaches typically fall into one of three categories. The first group is comprised of hackers that are simply doing it because they can. It has turned into a cyber game for this group. Luckily, they rarely use the information for personal gain. The second group is also comprised of hackers, but they are more commonly referred to as “hacktivists.” Hacktivists breach the data barriers of very specific companies to show both them and the public that their security standards are lacking. This group also rarely uses the data they obtain for personal gain. It is the third group that is by far the most dangerous.
The third group of people that typically participate in data theft are those looking to profit in one way or another off of the information. Whether they are selling personal and medical information to outside parties, or using the credit card data they acquire for personal, exorbitant purchases, they can seriously damage a person’s credit and other personal information.
Knowing that the third group has basically created a new industry for themselves, people start to think about how much these pieces of data are really worth. “Each piece of information stolen in a breach has a different value,” says John Harrison, Group Product Manager for endpoint threat protection, security technology and response at Symantec, based in Mountain View, California.
During a study conducted by Symantec in 2008, it was found that these thieves were creating “data packages” with anywhere from five to 500 accounts in each packages. Each piece in every package ranged from between $.50-$12.00 (Yes, that’s per piece.)
Have you ever had personal, medical or credit card data stolen from you? How did you deal with the issue? Comment below and share your thoughts.