Weaponized Data Breaches: Fueling Identity-based Attacks Across the Globe.

Global tensions are at an all-time high, with state-sponsored adversaries, cybercriminals, and hacktivists targeting each other using data packages traded in underground communities. The number of new identity records and the depth of personal information available in exfiltrated data are expanding, creating a blueprint of our digital identities that threat actors can weaponize. Exposed identity information is now more intimate — fueling identity-based attacks across the globe.

4iQ’s latest report offers a unique perspective on how the underground Breach Economy reflects the severity of targeted public/private sector cyber intrusions and provides exclusive insight into what is reported (and not reported) in our news headlines today. The report identifies and examines the following trends from the past year:

  • 4iQ continued to see the trend of cybercriminals rereleasing big combo packages with aggregated credentials gathered from newer, large-scale breaches. Every time these big combo packages surface, billions of email addresses or usernames associated with clear-text passwords recirculate in underground communities, making the data increasingly accessible for malicious use, such as account takeover, Business Email Compromise, and other identity-based attacks.
  • There was an increase in the percentage of breach packages containing identity information beyond just credentials. 2019 saw a 10% increase in emails and passwords contained in data breaches, and a 14% increase in PII, compared to 2018. This is concerning since passwords can be easily changed but many identity attributes are permanent or very difficult to change.
  • Government breaches continue to increase year over year – in 2019, 4iQ validated 3,867 government breaches with over 356 million records exposed – enabling adversaries and foreign intelligence services (FIS) to target employees, contractors, and those who hold special clearances, especially in sensitive lines of business.
  • The average prices for Social Security numbers, passports, drivers’ licenses, credit cards and Tax ID numbers vary per record in the dark market. Of these identity record types, the average price for Social Security numbers is the highest, at $67, followed by passports, at $53.25 and drivers’ licenses, at $48. Tax IDs are the least expensive, which are only $28.75.
  • The number of new identity records exposed is growing steadily while previously exposed information continuously recirculates within underground communities. 4iQ found 18.7 billion raw identity records circulating in underground communities – a 25.5% increase from 2018. After the curation and verification process, 4iQ confirmed that 4.2 billion were new, authentic identity records, amounting to a 16.6% increase in real identity records.
  • Facing the largest number of attacks, exposed identities in the United States represented 28% of all curated records detected in breaches during 2019. The top five countries affected based on the number of compromised records – U.S., India, China, Brazil, and Russia, respectively – account for more than 81.1% of all identities compromised.

Register to download the 4iQ Identity Breach Report 2020. You can also opt in to our monthly newsletter to stay informed on the latest identity breaches, product releases and news.