A lot of people ask this question after they have suffered from a cyber attack; what do hackers do with the data they steal? Not only is it interesting to learn the nuts and bolts of the routine hackers follow post-hack, but it can also give people an insight into how to minimize any damage after their data has been compromised. Unfortunately, it is only in the movies where hackers wipe out the student loan and credit card debts of the people. Sure, there might be some legitimate hackers out there who do help people, in real life, most hackers have malicious intentions.
Most of them engaged in fraudulent, illegal and exploitative activities and are only looking to monetize the information they steal. If you are wondering what the hackers do with the data they have stolen, here are some of the things that are usually done:
Inventory the data they have stolen
Once hackers have stolen the data, they will then do an inventory of what they have. Their aim is to look for personal information such as names, phone numbers and addresses, authentication credentials and financial information such as bank account numbers and credit card details. This is the kind of information that can be useful for them.
Sell any personal information they have found
When they have categorized and separated the information, now the hackers will package up the personal information they have accumulated such as names, email addresses, phone numbers and other and sell it in bulk. The more recent the information, the more valuable it will be and fetch money accordingly. If hackers are able to provide a full set of an individual’s personal information, which includes their name, birthdate, identification number, address and credit card information can be sold for as much as $500, depending on the buyer.
Look for the interesting stuff
After they have sold off all personal information, the next step is to focus on all the authentication details they have gotten in order to look for any possible lucrative accounts. Military and government addresses can be very valuable as well as business email addresses and passwords of large organizations and corporations. Moreover, as people tend to re-use their passwords, hackers can use the credentials for corporate or military accounts to target other companies as well. The credentials can be used for stealing identities or money by the hackers or they can also sell them on the dark web to the highest bidder.
Deal with the cards
Similar to personal information, financial information is also packaged and then sold in the form of bundles. Those who have the right knowledge can easily purchase credit card information in groups of hundreds. This card information is usually bought by a ‘broker’ who then sells it to ‘carders’. These are the people who use this stolen credit card for buying things on the internet. Physical items are purchased and they are then sold through legitimate platforms such as eBay for making a profit.
Identity theft
In extreme cases, the personal information or credentials obtained by the ackers may be used for performing illegal and illicit activities without the knowledge of the individual. This means that someone else gets in trouble for any dangerous or harmful activities that are performed by the hacker.
These are some of the ways data stolen by hackers can be used. Since it can have repercussions in the long term and create a wide array of problems, it is essential for people and companies to have effective strategies and measures in place for data loss prevention.