What's Your Digital Data Worth?

Your complete digital life, including data from your social media accounts, banking and credit card details, can be sold by cyber criminals for less than $50.

Researchers at Kaspersky Lab, a leading cybersecurity company in Russia, found that while our identity may not be worth a lot in terms of dollars, it is a significant asset to criminals in other ways. The research uncovered an appetite among cybercriminals for data stolen from popular services, including via social media accounts and remote access to gaming websites. 

User confusion about what their data is worth could result in a haphazard approach to security, making it all too easy for thieves to steal data and commit crime.

Data stolen due to people's lax security may have limited resale value, but can be put to many uses.
This can cause huge problems for an individual victim, who may lose money and their reputation, find themselves being chased for debt that somebody else has incurred in their name, or even suspected of a crime that somebody else has committed using their identity as a cover. 

Kaspersky Lab investigated Dark Web markets to find out how much personal data is worth, and how it is used by criminals.
The dark web, also referred to as the darknet, is an encrypted portion of the internet that is not indexed by search engines. These networks use the internet but require specific software, configurations, or authorisation to access. 

The researchers found that criminals can sell someone's complete digital life for less than $50; including data from stolen social media accounts, banking details, remote access to servers or desktops, and even data from popular services like Uber, Netflix, and Spotify, as well as gaming websites, dating apps, and porn websites which might store credit card information.
Meanwhile, researchers found that the price paid for a single hacked account is lower, with most selling for about USD 1 per account, and with criminals offering up discounts for bulk-buying. 

The most common way criminals steal this sort of data in the first place is via spear phishing campaigns or by exploiting a web related security vulnerability in an application's software.

After a successful attack, the criminal gets password dumps which contain a combination of emails and passwords for the hacked services. With many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too.

Some criminals selling data even provide their buyers with a lifetime warranty, so if one account stops working, the buyer will receive a new account for free.

"It is clear that data hacking is a major threat to us all, and this applies at both an individual and societal level, because stolen data funds many social evils," said David Jacoby, Senior Security Researcher at Kaspersky Lab. 

"Fortunately, there are steps we can take to prevent it, including by using cybersecurity software, and being aware of how much data we are giving away for free, particularly on publicly available social media profiles, or to organisations," said Jacoby.

People can avoid such risks by taking several easy security steps, which should become an integral part of any Internet user's digital life. 

To stay safe from phishing, always check that the link address and the sender's email are genuine before clicking anything. A robust security solution will also warn you if you attempt to visit a phishing web page. 

To avoid one data leak harming all your digital identities, never use the same password for several websites or services, researchers said.

Economic Times

You Might Also Read:

Buy A Dark Web Passport Scan For $15:

« Are Bank-backed Cryptocurrencies The Real Future Of Blockchain?
Hackers Are Targeting Young Video Gamers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

InfoSec World

InfoSec World

InfoSec World conference and expo covers all aspects of information security with a broad agenda of sessions on key security issues.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Vysk Communications

Vysk Communications

Vysk is an award-winning mobile security firm that has developed the world’s most secure system for voice communication.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Digi International

Digi International

Digi is a leading global provider of mission-critical and business-critical machine-to-machine (M2M) and Internet of Things (IoT) connectivity products and services.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Jacobs

Jacobs

Jacobs is at the forefront of the most important security issues today. We are inspired to be the best and deliver innovative, mission-focused outcomes that matter to our clients.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

White Hawk Software

White Hawk Software

White Hawk provides code tamper-proofing solutions to protect mission critical software applications from malicious and Zero day attacks and reverse engineering at run time.

Panacea Infosec

Panacea Infosec

Panacea Infosec is a leading provider of information security compliance services. We help our clients in protecting their data, reducing security risks and fighting cybercrime.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.