FTC: Cybercriminals find stolen personal data within 9 minutes of hackers posting it

Identity thieves can find stolen personal data less than 10 minutes after it's posted online, according to new research from the Federal Trade Commission's office of technology.

The FTC researchers created a database of roughly 100 fake consumers, including names, addresses, email addresses, phone numbers and payment information. On two different occasions, the researchers posted the data on a website hackers and other cybercriminals use to release stolen credentials.

"The criminals were quick to pounce," Ari Lazarus, consumer education specialist at FTC, wrote on the commission's blog. "After the second posting, it took only nine minutes before crooks tried to access the information."

The FTC identified more than 1,200 attempts to access the fake email and payment accounts. The identity thieves attempted to use fake credit cards to pay for a range of activities, including clothing, games and online dating memberships.

The researchers found two-factor authentication helped to prevent thieves from accessing the consumer accounts. "Because these thieves did not have access to the second factor, they were unable to access the accounts," Lazarus wrote. "It's not a cure-all, but it can help."

Click here to view the blog post.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars