What Happens to Confidential Information After a Cyber Crime?

Posted  May 21, 2015  by  Jenny Green


Have you heard about the Bitglass experiment that tracked what happens to stolen confidential consumer data after a cyber crime?

Bitglass, a data protection company in Silicon Valley, created 1,568 fake names, social security numbers, credit card numbers, addresses and phone numbers, and saved them in an excel spreadsheet. The spreadsheet was watermarked by a Bitglass proxy so that every time the file was opened, the indestructible watermark would cause the user’s IP address, geographic location, and access device type to be sent to the researchers.

Next, Bitglass posted the false data anonymously to cyber-crime Dark Web marketplaces – and waited.

Here’s what happened to the stolen data, and what safeguards should be in place.

  • In less than two weeks, the fake confidential data was viewed more than 1,000 times and downloaded 47 times. "Once confidential data has been stolen, there is no limit to how far that data will travel, and how many different people will get their virtual hands on it,” according to a Bitglass report.
  • It took just 14 days for data to end up on five continents (North and South Americas, Asia, Europe and Africa) and in 22 countries. It was viewed most in Nigeria, Russia and Brazil, likely by crime syndicate groups.
  • The experiment showed that cyber criminals are using stolen credit card numbers as currency and to try to make purchases online. One story referenced someone attempting to buy something using one of the fake credit card numbers.
  • The experiment “demonstrates the liquidity of breached data, underscoring the importance of discovering data breaches early," said Nat Kausik, CEO of Bitglass. The 2014 Data Breach Investigations Report showed that data breach discovery often takes ‘weeks or months’. According to Bitglass information, businesses actually take an average of 205 days to realize their data has been breached.
  • Visibility is important when it comes to limiting the damage of an information security breach. In breach incident response guidelines, Veracode, an applications security company, advises quick breach notification and acknowledgement of the organization’s awareness and continuing efforts to safely restore service.
  • The Bitglass experiment suggests that earlier detection and reporting of breaches would likely better protect data from crime networks. Organizations need a comprehensive data breach response plan and team, headed by a Chief Information Security Officer (CISO). The policy should provide steps, timelines and checklists.
  • Since there is a time lag between the breach and when stolen data is widely dispersed, deal with a breach as soon as possible. In the first 24 hours, stop additional data loss by taking affected machines offline, advises Experian’s Data Breach Response Guide. Practice incident response, and provide training so everyone knows what they have to do.
  • Be proactive and targeted. In 2014, 783 data breaches were reported, which is 27.5% more than the previous year, according to the Identity Theft Resource Center. Use security risk assessments to identify data breach threats, and plan only for incidents of concern to the business.

Proper document management and document destruction should also be part of a comprehensive information security policy.

Request a Quote

Fill out the form below and we’ll contact you with a free quote within the hour! (Between 8:00am and 5:00pm, Mon - Fri)

Select Service

Company info

Your info

Additional Info