This hacker site has sold 24 million people’s data – so far

An illegal online underground marketplace that contained and sold sensitive information about people based outside the United States has been shut down.

SSNDOB, which saw people’s names, social security numbers and dates of birth collected and sold, was successfully taken offline through a joint operation by US authorities and their Cypriot counterparts.

Mike Kemp/Getty Images

As Bleeping Computer reported, the market itself was not your ordinary operation – around 24 million people in the United States alone were affected by its illicit activity.

Due to the scale of the operation, three government departments collaborated in shutting down SSNDOB. The FBI, Internal Revenue Service and Department of Justice were all involved.

Additional help from the Cypriot police was also a factor in the market’s cessation of operations.

The Department of Justice press release said more than $19 million in “sales revenue” had been accrued by the website owners.

A total of four domains that provided hosting services for the entire SSNDOB market were seized, including “”, “”, “”, and “”.

As for how SSNDOB market activities have managed to go unchecked since 2015, Bleeping Computer highlights how websites have effectively evaded DDoS attacks and law enforcement actions by providing various mirror sites.

This practice is common among illegal websites such as torrent services and others. The method makes it nearly impossible to target the core operation behind the websites as there is always a new domain accessible.

$0.50 to buy and use someone’s identity

The home page of the SSNDOB website.

As a result, SSNDOB saw threat actors being able to purchase “social security numbers, dates of birth, and full person information” primarily through Bitcoin, which is largely an unregulated currency that has become mainstream. among cybercriminals.

Personal information of US-based residents was up for grabs for $0.50 in some cases. Dates of birth for people residing in the UK were also sold on the website.

According to cybersecurity firm Advanced Intel, which spoke to Bleeping Computer about the matter, much of the stolen data was acquired through the infiltration of healthcare and hospital systems and was then used by cybercriminals to commit attacks. financial fraud.

“SSNDOB was one of the largest crime stores offering a collection of personally identifiable information for fraudsters and played a vital role in fraud schemes. The majority of customers used the store’s data for various types of scams, from tax evasion to bank fraud,” said Vitali, CEO of AdvIntel. Kremez told BleepingComputer.

“According to AdvIntel’s few breach investigations, the criminals behind the store specifically leveraged healthcare and hospital breach databases to provide personal information to fraudsters.”

Elsewhere, since April 2015, blockchain analytics firm Chainalysis has detailed how it uncovered $22 million in Bitcoin transactions going directly to SSNDOB. Some transfers were equivalent to $100,000 in Bitcoin; Bleeping Computer aptly points out that this tidbit indicates how cybercriminals purchased data in bulk.

Editors’ Recommendations

Comments are closed.