Connect to Us LinkedIn Youtube RSS


Aruba, October 19, 2015 - Ever wonder how much your stolen personal information sells for online? Turns out not much, according to a report released Thursday by Intel Security Group's McAfee Labs. 

McAfee researchers monitored websites, chat rooms and other places on the Dark Web where stolen data — everything from credit card numbers to hotel loyalty account info — are packaged, bought and sold. 
They found that going prices ranged this year from as little as 55 cents to $1 for account login credentials to online video streaming services, to several hundred dollars for bank login credentials. 
"We found that the prices were very fluid and would change a lot. For example after one particular breach the data for stolen cards literally changed overnight," Raj Samani, CTO of Intel Security for Europe, the Middle East and Africa, told NBC News by email. "Equally, there were a lot of battles between marketplaces this year, and some of them ran away with money. All of which meant that the prices would change a lot." 
The prices for stolen data may not seem like a lot individually, but can add up quickly when you have thousands, or even millions, of victims in a hack. Take, for example, credit and debit card info — perhaps the best-known data type stolen. 
"Selling millions of cards for cents still nets huge returns. The idea is to sell a lot of accounts," Samani said. "CC (credit card) sales are mostly sold in bulk for this very reason. It's just not worth it to the seller to deal in individual transactions." 
In the U.S., stolen debit and credit card credentials typically sold for $5 to $30, depending on how much information (billing address, PIN number, date of birth, etc.) came with the account number, the report found.