Cybercriminals were recently found selling personal information of American children on different dark web markets. While the individual set of information is being sold at $10, bundles of sets are also being advertised at $490 or as high as $790.
According to a report from Motherboard, hackers have been stealing data from hospitals and pediatricians and are targeting children born between 2000 and 2010.
Emily Wilson, VP of research at cybersecurity firm Terbium Labs notified Motherboard about the scam. Most of this stolen information is already available for sale on the popular dark web market Dream.
“For very young children it's reasonable to assume criminals are sourcing the data through access points in hospital networks or government systems. In this case, the vendor is explicit about the hospital connection,” Wilson told Motherboard.
Wilson reports that the data stolen and being sold on the dark web primarily pertains to children between the age of 8 and 18 years old. The dark web vendors were found selling the data through an advertisement titled “USA KIDS FULLZ”.
The advertisement contains information includes children’s names, addresses, phone numbers, dates of birth, and Social Security numbers. For the children impacted by this dark web sales, most of them likely won't be able to open lines of credit for another five to ten years—plenty of time to do some serious financial damage.
In the dark web listings, the vendor also notes that these children ‘generally speaking come from good families who can provide [and pay for] medical support,” said Wilson, Motherboard reported.
This online sale of kids’ data poses a new threat, if not taken seriously. “As children get older, their data starts to enter the system more broadly, through school registrations and other activities,” Wilson added.