Data is a popular commodity on the dark web, where people buy and sell sensitive information, much of which is stolen through cyber vulnerabilities. Usernames, passwords, account numbers, financial records, credit card details, medical records - all of these are available for access. Two recent batches of data have been sold on the dark web, as follows.
Data Ⅰ: Personal data of over 500,000 Muscovites who bought fake vaccine certificates now for sale on the dark web
Dark Web forums and Telegram channels have begun selling databases containing the personal information of Russians who purchased fake COVID-19 vaccination certificates and falsified PCR test results. kommersant reporters interviewed a vendor who offered to sell them a database containing 1,000 lines of information for $120. The file contains people's passport numbers, insurance policy numbers, phone numbers, home addresses and information about when they received the forged documents.
Evgeny Antipov, a programmer who runs the telegraph channel "God's Eye," told Kommersant that the largest database he keeps track of contains the personal information of more than 500,000 Moscow residents. The price for information on one person on the list is about 35 rubles ($0.50).
Antipov said the data appears to have been collected by the same service that sold the fake medical records. Ashot Oganesyan, another dark web expert, told reporters that the scammers may be trying to increase their income by selling their own clients' data. These groups may also be making extra money by blackmailing their clients, he said.
Buying fake vaccination certificates in Russia is a felony punishable by up to a year in prison.
Data Ⅱ: Robinhood's User Data Sold on the Dark Web
According to the Telegram channel "Data Leak", a user posted an ad on the dark web to sell personal data of customers of Robinhood online brokerage. The seller provided 5 million email addresses and a list of 2 million Robinhood users' full names. On the other hand, it is important to note that extended data for 310 users, including names, dates of birth and zip codes, has not been sold.
Robinhood recently reported that the personal data of some of its users was compromised last November 3: "An unauthorized third party obtained limited personal information about a portion of our customers."
According to the company, the attacker used social engineering methods on a support employee and gained access to certain service systems.
In the wake of a cyberattack, some monitoring tools can alert you to which stolen credentials have been compromised on the dark web, allowing you to quickly begin limiting the damage an attacker can cause. Here's how to use two free monitoring tools - Google's Password Check and Mozilla's Firefox Monitor - to see which of your email addresses and passwords have been compromised so you can take action.