Cybercriminals are not confined to one region or culture, but operate throughout the interconnected world to capitalise on evolving opportunities to steal customer data and transfer funds.
Published 25th May 2016 | Latest Refresh 13th September 2022
A web that reaches from a pocket in Pretoria to a kombini in Kabukicho.
3 min read | Reflare Research Team
The intrinsic value of customer data
We have often mentioned that even if you don't think your data is valuable, it is to some extent. You may think that you don't have a high credit card limit or you have limited funds on a debit card. Regardless of your personal wealth, your data is always valuable on the dark market.
Standard Bank in South Africa was reminded of the value of their customer's credit card numbers. More than 200 million South African Rand ($12.7million USD) was stolen from ATMs in Japan. The withdrawals were made almost simultaneously from ATMs located in 7-Eleven stores throughout Tokyo. While it appears that similar attacks took place around the world, the attackers used Japanese ATMs exclusively to steal money from the South African bank.
It's estimated that 1,600 credit card numbers were stolen. However, the hacker is most likely not the one who used the credit card numbers to steal from ATMs. Since the transactions happened at approximately the same time, it's likely that the theft was conducted by a group or black market organization that purchased the credit card details from the original hacker. Police believe that as many as 100 people were involved in the ATM withdrawals.
The efficiency of a multi-jurisdictional crime network
When hackers steal your data, they don't need to make money by using credit cards. Instead, they can sell the numbers to a third-party for a fraction of the cards' limits. The Japan ATM thieves withdrew the maximum amount allowed, which turned out to be around $1,000. When the bank, later on, marked the transactions as suspicious, the thieves had already walked away with the cash.
This story is just one example illustrating how your data is valuable to an attacker even if you might not think it is. It only costs a couple of hundred dollars to buy a machine that can copy credit card details onto blank cards. By copying the stolen information onto thousands of cards, the attackers were able to steal millions even though each individual card only had a much lower limit.
We predict an increase in this kind of attack over the coming years as banks and especially ATMs become more and more interconnected. Even if you don't think your specific data is valuable, always take the necessary steps to protect it.
Data abuse by government actors
Similarly, seemingly unrelated data can be of great use to government actors. In late 2021 former head of the National Counterintelligence and Security Center William Evanina told the Senate Select Committee that China had assembled enough private information to build dossiers on virtually all US citizens. Such dossiers can then be used to influence, intimidate, blackmail, manipulate or sway both individuals and groups of people.
Like national politicians, foreign state actors can perform cohort analysis to find ideological fault lines in populations that can then be exploited to create civil unrest or influence elections. So while the breach of a shopping site may only reveal your preference for - as a completely random example - cheese, on a larger scale this information can be used to class you into ideological groupings. Someone that buys cheese online is extremely unlikely to be vegan. If, unlike at the time of writing, veganism becomes a political flashpoint issue, such existing dossiers can be used to rapidly manipulate social media and local-level elections to cause havoc in democratic processes.
In short, there is no such thing as "irrelevant private information". All information, when paired with enough context, can be valuable to attackers.