Data breaches are a regular part of the cyberthreat landscape. They generate a great
deal of media attention, both because the quantity of information stolen is often large, and because so much of it is data people would prefer remained private. Dozens of high-profile breaches over the last few years have targeted national retailers, health care providers and even databases of the federal government, getting Social Security numbers, fingerprints and even background-check results. Though breaches affecting consumer data have become commonplace, there are other resources that, when targeted, lead to major security concerns. Recently, a hacker claimed to be selling over 32 million Twitter usernames and passwords on an underground marketplace.
But what happens after a breach? What does an attacker do with the information collected? And who wants it, anyway? My research, and various studies from other computer and social scientists, demonstrates that stolen data is usually sold by hackers to others in underground markets online. Sellers typically use their technical prowess to collect desirable information, or work on behalf of hackers as a front man to offer information. Buyers want to use stolen information to its maximum financial advantage, including buying goods with stolen credit card numbers or engaging in money transfers to directly acquire cash. In the case of social media account data, buyers could hold people's internet accounts for ransom, use the data to craft more targeted attacks on victims, or as fake followers that pad legitimate accounts' reputations. https://www.thrillist.com/tech/nation/identity-theft-what-data-breaches-do-to-credit-card-numbers-passwords/tech
