How the Dark Web Supports Data Breaches

dark web

The dark web isn’t just a fortress for secrecy, it also serves as a black market for illegally obtained data. The anonymity of the dark web provides a safe place for hackers and cybercriminals to share knowledge and valuable information.

The dark web is a part of the internet that isn’t indexed by regular search engines and can only be accessed by specialized software such as Tor or I2P. Activities on websites on the dark web are anonymous. Hence, it is easy to trade in criminally-acquired data with little to no fear of arrest or prosecution.

Business data breaches are now a common news item. From small to large businesses, cyberattacks are increasing.

In this article, we explore some recent data breaches and their connections to the dark web.

Dunkin’ Donuts Attack

Dunkin’ Donuts (DD) have been attacked twice within a space of 90 days with the latest attack occurring in January. DD was a victim of an attack called credential stuffing.

Credential stuffing attacks involve the use of stolen login credentials from one website to access a different website. Usually, such login details are bought on the dark web.

Credential stuffing is possible because some people reuse the same usernames and passwords on multiple websites. Trying such compromised login credentials on a new website may give unauthorized access to a hacker.

In the Dunkin’ Donuts attack, attackers used credentials stolen from other websites and sold on the dark web to gain access to DD Perks accounts. These Perks accounts reward loyal customers with discounts. The buyers of stolen DD accounts use the unearned reward to get discounts and also free beverages. Hackers also targeted the personal information that was linked to the hacked account which was then released on the dark web. The attacks were carried out with automated scripts that try several combinations of exposed username and passwords to find successful ones. When a hack is successful, a hacker can mine the account for personal information and also put the accounts up for sale on dark web forums. 

Many hacker groups are reported to be renting botnets just to carry out credential stuffing with publicly released or privately sold credentials. Many online retailers are facing threats of credential stuffing as more user data are stolen in cyber attacks.

MyFitnessPal App Breach

MyFitnessPal App suffered a data breach last year that led to the release of millions of user login credentials. Hackers have been selling the login details on the dark web ever since. According to the Register, login credentials of MyFitnessPal and 15 other websites are available for around $20,000 payable in bitcoins. The reuse of passwords by some MyFitnessPal user provides hackers with an opportunity to compromise more financially rewarding online services.

With the recent large data leaks, attackers have more options to compare which passwords are repeatedly used to narrow down promising credentials. Confirmed list of passwords are then sold on the dark web fetching hackers more money.

The threat of cyberattack and dark web credential auction is real. You should protect your business by installing up-to-date security software and creating strong password policies. You can also protect your business with the dark web by monitoring it for information about your organization so you can act on time to minimize risks. All these services are provided by a managed service provider. Contact us for more information on how we can help keep your business safe and secure with our dark web monitoring and alerting services.


Leave a Reply