Researchers leak phony data on dark web to track journey
Researchers at Bitglass leaked a phony digital profile to demonstrate where sensitive data goes once it's stolen and to underscore the importance of cybersecurity.
Researchers at Bitglass leaked the digital identity of a fictional bank employee on the dark web as part of its “Where's Your Data: Project Cumulus” experiment to help organizations understand what happens to sensitive data once it's stolen.
The identity contained a functional web portal for a fake bank, a dummy Google Drive account, bank data including real credit card numbers, and seemingly real corporate and personal data.
Attackers quickly sprung into action attempting five bank logins and three Google Drive logins within the first 24 hours. The first file was downloaded within 48 hours, the report said.
Of the hackers that accessed the Google Drive, 94 percent uncovered the victim's other online accounts and attempted to log in to the bank's web portal, the report said.
Ultimately, more than 1,400 hackers from more than 30 countries accessed the information.