Compliance Management, Threat Management, Privacy, Security Strategy, Plan, Budget

Researchers leak phony data on dark web to track journey


Researchers at Bitglass leaked the digital identity of a fictional bank employee on the dark web as part of its “Where's Your Data: Project Cumulus” experiment to help organizations understand what happens to sensitive data once it's stolen.

The identity contained a functional web portal for a fake bank, a dummy Google Drive account, bank data including real credit card numbers, and seemingly real corporate and personal data.

Attackers quickly sprung into action attempting five bank logins and three Google Drive logins within the first 24 hours. The first file was downloaded within 48 hours, the report said.

Of the hackers that accessed the Google Drive, 94 percent uncovered the victim's other online accounts and attempted to log in to the bank's web portal, the report said.

Ultimately, more than 1,400 hackers from more than 30 countries accessed the information. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.