Resources

The Impact of Data Brokers: Uncovering Their Role in Data Breaches

Written by: Stephen Nelson

As a follow-up to my previous article regarding attack surface management, data breaches have become a recurring nightmare for organizations in the digital age. As sensitive information becomes increasingly stored and shared online, the threat of a breach continues to loom. While many factors contribute to data breaches, one that is often overlooked is the role played by data brokers. In this blog post, we will explore the intricate correlation between data brokers and data breaches, shedding light on how these shadowy entities are often at the heart of the problem.

What are Data Brokers?

Data brokers specialize in collecting, aggregating, and selling personal information. They gather a vast array of data, often including sensitive details, such as financial records, medical histories, and more. Therefore, the scale and diversity of data held by these brokers make them a prime target for hackers and cybercriminals.

Correlation Between Data Brokers and Data Breaches

One of the insidious aspects of data brokers is their ability to collect, aggregate, and sell what may seem like innocuous or “non-sensitive” information. While individual data points gathered by these brokers may not appear particularly harmful, cybercriminals understand the power of aggregating and leveraging this information, and this data can be used with various social engineering and phishing attacks.

For instance, TruePeopleSearch.com and ThatsThem.com are prime examples of data broker platforms that expose personal information that many people might consider non-sensitive. These platforms provide the user’s age, birth month and year, past or present phone numbers, and current or past addresses. On the surface, this may not appear to be particularly private information. However, when utilized by malicious actors, these seemingly benign data points can be exploited in a devastating effect.

Figure 1 – TruePeopleSearch

 

Figure 2 – ThatsThem

The Anatomy of an Attack

  1. Target identification: Cybercriminals can use data brokers like TruePeopleSearch.com to identify potential targets. Therefore, knowing an individual’s age, birth month, and birth year provides a foundation for impersonation and social engineering attacks.
  2. Phishing and social engineering: Armed with this information, attackers might pose as legitimate entities, such as financial institutions or government agencies. From there, they can use the victim’s information to craft convincing phishing emails or phone calls.
  3. Gaining trust: Attackers leverage the obtained data to build trust with the victim. They can reference accurate information like the victim’s location or recent transactions, making their communication appear legitimate.
  4. Password resets: Access to the victim’s data allows the attacker to initiate password resets on various online accounts. They can use the victim’s birthdate or address as a verification method.
  5. Data breach: Once the attacker successfully impersonates the victim and gains access to their accounts, they can compromise sensitive data, perpetrate fraud, or steal valuable information. This can lead to significant financial and reputational damage for individuals and organizations.

To defend against attacks that leverage data broker information, individuals and organizations should consider the following five precautions:

  1. Limit data sharing: Be cautious about sharing personal information online, even if it is seemingly harmless details and when possible, opt for stricter privacy settings on social media platforms.
  2. Verify communications: If someone contacts you, especially if they claim to represent a company or organization, independently verify their identity. Don’t solely rely on the information they provide.
  3. Multi-factor authentication (MFA): Enable MFA on your accounts to add an extra layer of security. Even if an attacker has some of your personal information, they’ll still need the secondary authentication method to gain access.
  4. Cybersecurity awareness: Both individuals and organizations should invest in cybersecurity education and awareness. Employees should be trained to recognize and report suspicious communications.
  5. Report suspicious activity: If you suspect you are being targeted or have fallen victim to a cyberattack, report it to the appropriate authorities or your organization’s IT security team.

If you have time and want to attempt to remove yourself from the data broker’s sites, below are some great resources at your fingertips:

Conclusion

As described above, there are several reasons why I advocate for privacy when putting information on the internet. To mitigate these types of attacks, it is vital to never post about anything sensitive, including upcoming vacations/trips, children’s school information, and car information. In summary, the “non-sensitive” information provided by data brokers can be a powerful tool for cybercriminals, enabling them to launch targeted attacks. By understanding how such data can be weaponized, individuals and organizations can take proactive steps to defend against these threats and safeguard their privacy and security.

For more information on data brokers, breaches, and more, please reach out to a member of our DenSecure team today!