How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

Now nearly halfway into 2021, more than two dozen high-profile data breaches have already occurred, some involving brands such as Facebook, LinkedIn, Instagram, US Cellular, T-Mobile, Geico and Experian. Data stolen during those intrusions will affect millions of users, even though some of that data may be as innocent as an email address. That's because stolen data doesn't live in a silo.

"These things don't exist in a vacuum," explains Jeff Pollard, VP and principal analyst at Forrester Research. "There might be an email address in one breach and more information in another breach that corresponds to that email address."

Pollard cautions against viewing each breach separately, because data can be aggregated and compiled to collect more details about a person. "One bread crumb leads to another," he says, "and because of the ubiquity of breaches, things can be put together that can lead back to someone."

Urge to merge data

Threat actors have become sophisticated in how they treat stolen data. They're taking any new data they get and merging it with data they already have to grow their databases. In one dataset, they might have a first name and last name. In another, a first name, last name and email address. In a third, data on likes and interests.
