Threat Management, Malware, Threat Management

FTC finds thieves attempt to use stolen data within 9 min of breach


In an effort to see what happens after a data breach, the Federal Trade Commission leaked a database of 100 fake customers and found it only took 9 minutes for crooks to attempt to access the information.

The FTC's Office of Technology made the information realistic by using popular names based on Census data, addresses from across the country, email addresses that used common email address naming conventions, phone numbers that corresponded to the addresses, and one of three types of payment information (an online payment service, a bitcoin wallet or a credit card), according to a May 24 blog post.

Researchers then twice posted the information to a popular hacker forum where stolen credentials are shared, within 9 minutes of the second post, hackers were attempting to use the stolen data to pay for all sorts of things, including clothing, games, online dating memberships and pizza.

More than 1,200 attempts were made to exploit the stolen information. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.