Study Finds Hundreds of Stolen Data Dumps 58
Steve writes "SecurityFix reports that a group of researchers from Germany published a study in which they analyzed several hundred so-called 'drop zones,' i.e. anonymous collection points of illicitly collected data stolen with the help of keyloggers. 'Their findings, which drew from stolen data harvested from these drop zones between April and October 2008, were staggering: 33 gigabytes worth of purloined data from more than 170,000 victims. Included in those troves were more than 10,700 online bank account credentials, 149,000 stolen e-mail credentials, 5,682 credit card numbers, and 5,712 sets of eBay credentials. [...] Using figures from Symantec's 2007 study on the prices that these credentials can fetch at e-crime bazaars, the researchers estimate that a single cyber crook using one of these kits could make a tidy daily income. The full report [PDF] contains some more interesting details.'"
Yep. We're vulnerable. (Score:5, Insightful)
I've often thought that, over the ~15 year span that I've been surfing the web, I opened-up way too many accounts. I've forgotten most of them, and yet my name and address still sits there in the databases just waiting to be hacked (or sold).
Sorry to say.. (Score:2, Insightful)
Is it just me, or does this seem pretty sad, that so many of today's so called security companies, don't bother to contact the victims of this to at least tell them "Hey you might want to change your password to your online banking, someone stole it, or etc..."
I am dissapointed by our leading security community, for leaving these "dumps" in the open to review them, yes after a few days or weeks of activity, ...ok, but then afterwards, contact the victims and let them know they have been compromised.
When do they hear about it, ...never???
A fine evaluation by the researchers (Score:2, Insightful)