After the TalkTalk incident when data of over 1.2 million customers was stolen and leaked online; The Mail has reported that 14 other companies are also victims of similar attack. The Mail has also reported in its news item that the stolen data is being sold on “Dark Web” that can be accessed from a specially developed encrypted browser. The Dark Web is used by criminals to sell narcotics, weapons and other criminal elements who are involved in illegal activities including child pornography.
The 14 companies that have been affected by the leak of information include Amazon, Vodafone, Ticketmaster, Sky TV, Visa and Uber and Subway. After further investigation, The Mail discovered that the data of TalkTalk customers that includes their personal details such as names, phone numbers and email addresses as well as their financial information such as the details of their bank accounts and debit and credit cards were available for sale for GBP1.63 on the Dark Web. Police has already arrested three persons in connection with the investigations of the hacking incident of TalkTalk.
Further investigation by the newspaper revealed that the Visa debit card details of the account holders of Halifax is available for GBP10. Also, information related to the customers of Vodafone, Amazon and Sky TV are available for 10 pence. Vodafone recently confirmed that the information of its more than 1800 customers was leaked and it is possible that this information could be a part of the data being sold on the Dark Web.
The information that is being sold on the Dark Web includes login credentials of users of Amazon, Ticketmaster, Subway and Uber. These details are available in bulk for purchase. After the findings of The Mail, Subway asked its customers to change their passwords. Loyalty points of Airmiles, Boots Advantage card and Nectar card are also available for sale. The transactions on this unregulated part of the web takes place in Bitcoins, a cryptocurrency that is held in encrypted wallets and it is impossible to trace the transactions or the buyer and the seller dealing in Bitcoins.
A reporter with The Mail accessed one of the websites on the Dark Web that is quite similar to eBay. The newspaper found a seller with the alias “The Martian” selling details of TalkTalk clients and the advertisement of this seller states he has an access to the credentials of over 200,000 users. The investigation by The Mail also revealed that the advertisement listed by The Martian had 466 views and there were 18 sales. The newspaper bought a sample to check the authenticity of the available details and they were delivered details of several users.
The website also has a listing of Halifax debit card details. A seller named “Sterlingsilver” is selling the details for GBP10. The Mail contacted a customer whose Halifax debit card details and personal information was available and the customer confirmed the authenticity of the details. Similarly a seller named “Stackcash” is selling user ids and passwords of Amazon UK customers.
After the discovery of these breaches of information was reported by The Mail, the National Crime Agency and the police have initiated an investigation into these incidents.