There are more than 15 billion stolen account credentials circulating on criminal forums within the dark web, a new study has revealed.
Researchers at cyber security firm Digital Shadows discovered usernames, passwords and other login information for everything from online bank accounts, to music and video streaming services.
The majority of exposed credentials belong to consumers rather than businesses, the researchers found, resulting from hundreds of thousands of data breaches.
Unsurprisingly, the most expensive credentials for sale were those for bank and financial services.
“Some of these exposed accounts can have (or have access to) incredibly sensitive information. Details exposed from one breach could be re-used to compromise accounts used elsewhere.”
Among the credentials for sale were those that granted access to accounts within organisations, with usernames containing the word “invoice” or “invoices” among the most popular listings.
Digital Shadows said it was unable to confirm the validity of the data that the vendors purport to own without purchasing it. The researchers said that listings included those for large corporations and government organisations in multiple countries.
Security experts advise internet users to use individual passwords for each online service that they use, while also adopting measures like two-factor authentication where possible.
All news about deep web you can find at deepwebdot.com