This past year has been a big one for all types of hacks. From Zappos to LinkedIn, it seems like nobody is safe. If you've ever wondered what happens to that data once it's stolen, Krebs on Security dug into the world of account resellers to see just how much your data is worth.
As it turns out, your data isn't worth much. Digging through a bunch of different reseller sites, Krebs found that usernames and passwords to accounts on Overstock, Dell, Apple, Walmart, and others sell for just $2 a pop. Others, like UPS and Fedex, go for $5 a piece. Finally, if the hacked account comes with credentials to an email address they'll get a couple dollars more. Some places even sell "logs" of user credentials and browser history for a bulk rate—one was selling 6 GB of logs for $150.
This information is gathered through any number of means, from hacks to malware. The information is then used for everything ranging from reshipping schemes to credit card fraud. Even just a small amount of your data can be used in social engineering hacks.
We've covered how to protect yourself from this before, and the simplest way is with a tool like LastPass, and two-factor authentication, because strong passwords aren't enough. If you use public Wi-Fi a lot, it's also a good idea to beef up your security on it so you can't get hacked, and dig through our security checklist for anything else you might need to do. Head over to Krebs on Security to see all the ways your account information is sold online.
Exploring the Market for Stolen Passwords | Krebs on Security via Tested