News Blog Subscribe to News Blog
May 8, 2008 5:52 PM PDT

What is your stolen data worth?

Posted by Elinor Mills

You think your personal information is priceless. But everything has a price, even your stolen bank account information.

McAfee Avert Labs has discovered a price list that criminals use to buy and sell credit card numbers, bank account log-ins, and other consumer data that have been filched from unsuspecting Web surfers.

"Last Friday morning in France, my investigations lead me to visit a site proposing top-quality data for a higher price than usual," writes Francois Paget of McAfee. "But when we look at this data we understand that as everywhere, you have to pay for quality."

For example, a Washington Mutual Bank account in the U.S. with an available balance of $14,400 is priced at 600 euros ($924), while a Citibank UK account with an available balance of 10,044 pounds is priced at 850 euros ($1,310).

There's even a guarantee that if the buyer is unable to log into the account within 24 hours, maybe because the owner of the data canceled the account, the buyer can get a replacement stolen account to use.

Criminals can even buy skimmers, fake face-plates for ATM machines that steal credit card data when the card is swiped, and so-called "dump tracks" used to create fake credit cards, the McAfee blog entry says.

This follows on news earlier this week from Web security company Finjan of the discovery of a server containing stolen consumer and business data. Finjan said it found a server controlled by hackers that had more than 1.4 gigabytes of data--more than 5,000 log files--stolen from infected PCs. The stolen data included consumer and business e-mails, as well as health care patient data and bank customer data from individuals, financial institutions, law enforcement agencies, and other companies around the world.

Screenshot of price list for stolen credit card numbers and available balance amounts discovered on the Web by McAfee Avert Labs.

(Credit: McAfee Avert Labs)
Recent posts from News Blog
CBS to buy CNET Networks
Nintendo loses patent suit
Alienware: Game PCs need more than faster chips
Intel Atom chip makes strong showing at Japan conference
SFZero: A new interface for San Francisco
Add a Comment (Log in or register) 2 comments (Page 1 of 1)
by JCPayne May 8, 2008 7:26 PM PDT
That's why the law should read--- that any company with anybody's private data should have to notify customers 30 days in advance to get their consent before that info can be shared and or sold to another company or entity. If you can control who gets your data in the first place you can help prohibit from getting into places where it might get into the wrong hands.... Plus if thieves can't find any companies that want to purchase their stolen data they'd lose the potential for making a buck off it.
Reply to this comment
by mrtheduke May 9, 2008 7:27 AM PDT
Sounds like a nice idea JC, however in this case the data has been captured via trojans and phishing websites where the account holders have either been tricked into entering their information on-line by fake websites or it has been stolen from them by malicious software, so such legislation wouldn't have prevented them from getting 'filched'
Reply to this comment
Powered by Jive Software

  • About News Blog

  • Recent posts on technology, trends, and more.

Add this feed to your online news reader
Google
Yahoo
MSN

News Blog topics

Latest from News.com

Featured blogs

Beyond Binary by Ina Fried A look at how technology is changing our lives and at the people behind all that life-changing stuff.

Coop's Corner by Charles Cooper Charles Cooper weighs in on Silicon Valley hijinks, and he doesn't suffer fools gladly.

Defense in Depth by Robert Vamosi Covering the latest in computer viruses and computer crime.

Geek Gestalt by Daniel Terdiman At the tech culture nexus of video games, fire art, and virtual worlds.

Green Tech Fresh green tech news and commentary.

One More Thing by Tom Krazit Tom Krazit takes on the tech phenomenon that is Apple, and keeps a close watch on the chip industry.

Outside the Lines by Dan Farber When business and technology meet, that's when things get interesting.

The Iconoclast by Declan McCullagh Exploring the intersection of politics and technology.

The Social by Caroline McCarthy Exploring all facets of social media and tech culture.

Underexposed by Stephen Shankland Coverage of digital photography, science, and open-source software.

advertisement
Welcome (log out) |View profile
Log in | Sign up Why join?
On TechRepublic: 3 habits of highly ineffective employees
Advanced
search
advertisementUnlimited long distance $24.99/mo
Advanced
search
Visit other CNET Networks sites: