Having data stolen has become a regular occurrence in modern times. Nearly every month there’s a new headline detailing how an organisation has been hacked and its users’ data stolen.
But what actually happens when the data is stolen?
Well, according to University College London, not a lot in the first few days.
Computer scientist Jeremiah Onaolapo and his team set up 100 Gmail accounts. They then “accidentally” shared their login credentials on sites that data traders frequent. By the end of the study, 90 of the accounts had been visited by people who were not their rightful owner.
What was surprising was that the cyber thieves did not instantly take over and hijack any saleable information. Instead there was initial activity by “curious” people who checked that the login details worked and that the account was live. And then? Nothing.
“For some of the accounts, where someone checked them, we did not see any more activity for some time,” Onaolapo said.
It turns out, the accounts were under surveillance to let thieves assess the value of the information flowing through them.
The next move depended on the type of criminal that had accessed the account.
The ones looking to sell data were looking for accounts that would be overflowing with messages and information from banks and other online services. Spammers sought accounts that were in good standing with an internet service or webmail provider to support lots of messages being pushed through. Malicious hackers, who wanted to send malware through the accounts, were most keen to hijack the account and then shut out the original owner.
But no matter the type of cyber thief, there was often a period of days or weeks between the first access and the time when the account actually started to be abused.
The gap was there for two reasons. First, as we said, the thieves tracked the account to check its value and decide whether it was worth proceeding with or should simply be passed over. Second, they used the time to test the stolen credentials on other websites. This is why it is so important to have different logins for different sites. Apps such as LastPass can be a great way to keep your accounts secure without having to remember dozens of different passwords.
This evaluation period is the victim’s chance to avoid any major damage.
Changing your password is a good first step. It’s never too late to change it unless there has been fraud committed against that account.
Password and security expert Per Thorsheim painted a more sober picture and said vast amounts of breached data had appeared this year for one good reason.
“They put it up for sale so they can get the last bit of value out of it, the last few thousand dollars,” he said.
“It’s not just one hacker that does the initial breach and then exploits the data,” he said. “The lists are divided and sold off to other brokers. They go through many different hands.”
The only upside of the massive amount of data being shared is that it will take the criminals time to process it all, he said.
“No matter how many times we talk about this, people still re-use the same password across sites.”
Data theft can happen at any time and can be completely beyond your control.
If it is revealed that a service you use has had a breach, we recommend taking direct action and changing your login for that service, and any service connected to it.
It is also important to have as many different passwords as possible so that one breach doesn’t lead to all your accounts becoming compromised.
If you’d like any further help or advice on properly destroying data, then call us on 0161 777 1091. We specialise in the secure and ethical disposal of end of lifecycle IT equipment and, with 20 years’ experience, our customers have the peace of mind that their IT assets are in the safest of hands.