Details continue to emerge on the massive breach at health care company Anthem, in which hackers have gained access to information including names, birthdays, medical IDs, Social Security Numbers, street addresses, email addresses, and employment information (including income) on up to 80 million people.
While most consumers are now all too aware of what happens when their credit card data gets stolen (as it did at Target, Home Depot, and others) and sold on the black markets, what is the biggest risk to consumers with a breach like this?
Just as there are black markets for credit card information, there are also black markets for highly valuable personal data – especially Social Security Numbers, Dates of Birth, and addresses. With this kind of information, criminals can easily commit much deeper identity fraud – setting up fake bank accounts, applying for credit cards/loans, filing false tax returns for refunds – all under your Social Security number.
Free eBook: Modern Retail Security Risk – Get your copy now.
Credit card black markets are highly sophisticated (read about our expose of a credit card black market here). While we have not historically seen the same level of automation and sophistication of black markets for personal data, we are seeing early signs of these markets improving their automation. We expect this to improve rapidly with the influx of the new Anthem data. 80 million Social Security Numbers is keen motivation to trigger an increased automation and monetization of this information We are starting to see signs of this in Validshop. (See below.)
.
Consumers should continue to monitor not just their credit reports, but they should also be alert for any other signs of deeper identity fraud as these data records make their way into the black markets and ultimately into the hands of criminals globally.
You can view the original article on Easy Solutions’ blog here.
By Daniel Ingevaldson, CTO, Easy Solutions
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.