Data Breaches and the Dark Web: Could someone be stealing your identity? 

How cybercriminals can sell your information and how to prevent it

The term dark web is often thrown around loosely these days in pop-culture, but this is one instance when the reality really is as ominous as it sounds. The information and identity of users on the dark web is encrypted, making them inaccessible in regular search engines and their IP addresses almost untraceable. This opens the floodgates for illegal activity and trade, usually associated with illicit activities such as narcotics and weapons. However, one of the least spoken about, but perhaps the most directly damaging to an individual or a business, is the sale of personal information. 

On the July 30, cybercriminals attacked the British Dental Association (BDA), who stated the next day that they “cannot, as yet, confirm the full extent of information that has been accessed” but that patients bank account numbers, sort codes, case notes and more were potentially compromised and stolen from their servers (Source: dentistry.co.uk). However, the question remains: how likely is it that this information may be sold on? 

Identities: One of the dark web’s hottest commodities 

At the start of 2019 alone, 4.1 billion personal records were leaked due to data breaches (Source: Forbes). But is there value in this information? 

The IMF has said that identities, credit cards and bank details are the second most wanted “product” on these markets after contraband and pharmaceuticals, with a full identity being sold for up £2400 (Source: top10vpn).   

With the recent data breach in the BDA, these cybercriminals have potentially gained millions of pounds worth of identity information which could be auctioned, sold and transferred with complete anonymity, not including the business information for dental practices which may have been included in this breach. 

How can you protect this information? 

There are a few techniques which you should look at trying, both as a practice or as a patient worried about your information being distributed illegally: 

• Change the locks: One of the first things you should do is changing all your passwords, and use a password manager to create unique, secure passwords  

• Be vigilant: Scammers may try and contact you via phone or email claiming to be from a bank or even from the BDA themselves. These organisations will never ask for bank details, so look out for this red flag. 

• Safeguard your patients: If you run a dental practice, contact the BDA to find out if any of your patients’ information has been affected. If this is the case, contact those patients immediately to ensure they can take correct measures to secure their data. 

• Scan the Dark Web for information: The only proper way to find out what information is being traded on the dark web is by scanning it with tailored software to ensure this data is not being used maliciously. 

That last point is the tricky one and is not an easy task.  At Inspire we have worked with many clients using our detailed dark web scanning service to ensure their business and client information has not been compromised and out of the hands of criminals. 

If you are worried about the security of your commercial, client or patient information, contact us today to find out more about what we can offer to safeguard your business.