In today’s digital age, data has become one of the most valuable commodities available. People are calling data the new oil, both in terms of its value and how critical it is to how today’s world works. Thanks to this value, it has become critical to protect company data. Malicious actors look to harvest data from all over the digital world and sell it – to governments, organizations, or directly on the dark web. This has become so widespread that it’s highly likely your company data is for sale on the dark web.

Keep reading to learn more about the underground data market and what steps you can take to protect your company data from being sold on the dark web.

Just How Valuable Is Company Data?

The consequences of big breaches, like the Equifax data breach, demonstrate how valuable data can be. In the wrong hands, data can help malicious actors make their attacks even more sophisticated and dangerous. 

Hackers who make money designing online scams can use data to draw important and dangerous conclusions. For example, what kind of people are more vulnerable to phishing, or which companies are more likely to pay after being hit with ransomware.

According to certain estimates, credit card information – name, number, SSN, birth date, and CVV – of a single individual can sell on the dark web for roughly $45. Multiply that by millions of users, and you can see the scale of the problem. Obviously, corporate data can carry a far higher price tag.

How Are Hackers Getting Your Data?

Clearly, everyone wants more data. Criminals can use a variety of methods to get access to your company data and sell it to the highest bidder. Lately, attackers are using advanced automated malware to hit companies and extract critical data, often being within a system for weeks or months without being detected. 

Dridex, for example, is malicious software that can target banking and financial data using macros in Microsoft Office to infect corporate systems. Dridex in particular works by arriving on a computer in the form of a regular looking email with a Microsoft Word document attached. If the user opens the document, it will quietly cause the Dridex malware to be downloaded. Once that happens, attackers have access to banking credentials, financial records, and personal data.

How Is The Data Being Used?

The data and information that is traded on the dark web can be very useful to hackers. Often, its main use is helping the hackers execute other attacks. If hackers can parse through data to find out who a company’s leaders are, they are in a better position to target people and try to hack their email account. Once that is breached, hackers can determine what banks are being used and then deploy automated scripts to brute force their way into the accounts. 

Hackers work fast, too — according to research by the Federal Trade Commission, it only takes nine minutes to attempt using info from a data breach. That means that once your data gets compromised, you don’t have time to react — the only way is to use preventive measures.

What Can Be Done?

When data is stolen and sold, it can have devastating consequences for the victimized business. Data Loss Prevention services can keep your data secure and your company safe. 

ITsMine’s powerful Beyond DLP™ protects company data against any threats that might arise – both internal and external. Even after data exfiltration when data is taken beyond company boundaries, with ITsMine’s Call Home and File GPS features, you’ll always know where your data is and receive forensic information regarding who is using it, where it’s being used, when, and how. 

Others’ data is being sold right now. ITsMine’s solution can make sure it never happens to you. Secure yourself today – reach out


Encryption-less Ransomware: Best Practices for CISOs to Ensure Protection