143 million. The number of US consumers potentially affected by the recently announced credit services data breach is staggering. It’s nearly half the US population. And as a credit reporting service, this data includes names, addresses, financial histories, social security numbers, banking information, and even driver’s license numbers. It may take years to fully understand and resolve all of the potential personal and financial implications.
The data that was stolen in this attack is especially valuable. Credit cards are cheap and easy to replace, and subsequently have little resale value on the DarkNet. But the data targeted in this case is different. It includes everything a criminal enterprise would need to establish a lucrative identity theft operation, like the one that Fortinet’s FortiGuard team helped Interpol uncover last year in Nigeria. In similar cases that FortiGuard has followed, we have seen such data used for things ranging from identity theft to money laundering, and even the financing of terrorism.