Slashdot Mirror

← Back to Stories (view on slashdot.org)

Forget Phishing Just Buy Personal Info

Posted by samzenpus on from the who-are-you-today dept.

Iago writes "If you need information about a person in Moscow, just go to the market and buy it. The Globe and Mail reports that along with the usual pirated software, cd's etc. you can find out information such as the bank records of your competitors, motor vehicle information and tax returns. The question is, how much of this information is being sold in other countries, perhaps in a more sophisticated manner?"

17 of 163 comments (clear)

  1. Known about this for years by pcmanjon · · Score: 5, Interesting

    They've been doing this for years in other countries. What most people don't realise is that most of these stories you hear about personal information/security breaches (Lexis Nexis, etc etc etc) usually goes to thugs like this.

    These thugs sell this information to people in the black market. This isn't new stuff neither, the news just seems to hover on this and "identity theft" a lot recently. It's been happening since the 80's.

  2. A better question by Anonymous Coward · · Score: 4, Interesting

    A better question is, how much of this information is real?

    1. Re:A better question by temcat · · Score: 4, Interesting

      Most of it is real, believe me. Whay fake something as big as countrywide database when you can easily bribe the right person and get the real thing. Recently there was a scandal when a Central Bank (!) database was stolen. But this is for big boys; as to the general public, stolen mobile operators databases are very popular here, because we don't have official telephone directories with personal phone numbers.

    2. Re:A better question by myukew · · Score: 2, Interesting

      I don't think so, I haven't much black market experience, but I think it's much easier to fake databases than stealing them. And judging by the ratio of fake software and audio sold on such markets I would say that the chances are good to be ripped of buying such databases

      --
      See pictures of tits
  3. Disinformation? by Anonymous Coward · · Score: 5, Interesting

    A massive flood of fake information would dilute the value of stolen i.d. right?

    1. Re:Disinformation? by lifeblender · · Score: 3, Interesting

      Not at all. It would increase the value of trusted stolen ID information. In the end, it would just make thieves use more sophisticated social networks, etc. They'd get around it, and would be willing to pay more for real data, since the work that went into collecting it and verifying it was greater.

      To sum up, it's still supply and demand, and you're talking about diluting the supply. That means that, for those who can get at the 'good stuff', it's worth more.

      On the other hand, if the FBI and the credit card companies were to engage in honey-net operations, then we're talking.

      On a related note, I just got a note from my credit card company saying that I could make a temporary credit card number for online purchases. Seems like things are looking up, if only a bit.

      --
      Playing pornographics games during the day is evil! Play at night!
  4. Isn't it scary? by Quentusrex · · Score: 2, Interesting

    Doesn't it scare all of you that this has been happening for so long already? I'm not saying there is much we can do about it, but it's still scary.

    Now think about the databases the FBI and the airport security are keeping about you. Not only that but also the ones K-Mart, Wal-Mart, Target, Giant(foods), and other stores. It shouldn't be too hard to be you. Just find out your address, and jump on Google maps. Find the nearest stores to you. With your name and address find out your shopping history. And expand from there.

    And you thought with all the political speech out there that you might actually be safe in the USA. I'll be happy being Anonymous, until I choose to be known.

  5. Buy from gangster, get burnt by Willeh · · Score: 4, Interesting
    Yeah right, and what's to say this information is actually valuable? TFA says that at least some of it is, but just like bulk email lists there's bound to be a lot of chaff in all of it, due to natural entropy of data, etc etc.

    And it's not like these lists ever get refreshed much, so what you end up with is increasingly less useful data in these lists, and the vendors don't even care about it. It's just the nature of the beast (and the overall state of former Russia, where anything goes).

    --
    Will wank off Linus Torvalds for fame.
    1. Re:Buy from gangster, get burnt by Peeteriz · · Score: 3, Interesting

      The things you can buy in Moscow market are the real thing - Russian IRS database, with the income information as accurate as the authorites have it, the living addresses are the ones that the police use, etc.

      If it says 'Tax returns 2003', then it really is the tax returns, as they were for 2003, complete with the ability to easily search for, say, addresses and family relationships of persons in your neighbourhood with more than 100,000$ income last year.

  6. not just Moscow by Ingvar77 · · Score: 5, Interesting

    In every major Russian city you can obtain almost for free a database with phone numbers(including cell), addresses, car registry and pasports for all citizens of this city.
    Even more, it's hard to find a PC in my own city that doesn't have a "Megapolice" database, which contains all above information accessible throught a single easy-to-use interface.

  7. In soviet Russia... by bloblu · · Score: 2, Interesting

    ...at least corruption was organized. I'm afraid nowadays Russia is just a big mess. You can't expect anything else.

    Anyway, I guess that these days you better have nothing to hide.

  8. Re:What, /.? You don't like it? by RAMMS+EIN · · Score: 3, Interesting

    Yes. If this information were Free, at least we would be more aware of what was happening. And criminals wouldn't be getting paid for it. This way, the criminals and the people with money benefit.

    I personally don't think I care if my and everyone else's "personal" information becomes public. I don't think there is anything extremely interesting about it. People already find out my phone number, email address, street address, bank account number, sometimes even credit card number, user name, real name, etc. etc. etc. as it is.

    All that said, I don't think it's necessary to make all everything publicly accessible. It does open the door to more fraud (although it can also help catch fraudsters more easily!), spam, etc. So let's say that public information wants to be free, and private information wants to stay private?

    --
    Please correct me if I got my facts wrong.
  9. "Private Eye" CD by Anonymous Coward · · Score: 5, Interesting

    A few years ago in Israel a CDROM started circulating with information about more-or-less the entire population. The database was probably leaked from the Ministry of Interior. It was originally used by a private investigations firm but a copy leaked and started circulating freely.

    IMHO, once it's out there it's everyone's civil duty to get a copy, just to level the playing field.

  10. Buying Personal Info, U.S. Style by divide+overflow · · Score: 4, Interesting


    The easiest way to buy personal information here in the U.S. is to set up a fake company, then request the desired information from one of the major credit bureaus: Experian, Equifax, TransUnion, or ChoicePoint. Back in February ChoicePoint admitted to releasing the information on at least 145,000 consumers to fake companies.

  11. What is unusual about this? by dan+dan+the+dna+man · · Score: 4, Interesting

    In the UK I've had the ... pleasure (?) ... of knowing some exceedingly dodgy people with very good technical skills. This information has been available to criminals with the requistite amount of cash as long as hackers (sorry crackers) decided they could make a fast buck doing companies rather than pootling around insecure university networks.

    Nothing new here and it certianly isn't limited to dodgy stalls in Moscow markets or corrupt outsourced callcentre employees.

    --
    I don't read your sig, why do you read mine?
  12. Ransom Want Ads by Valacosa · · Score: 2, Interesting

    Though this is only alluded to in the article, one of the greatest dangers is using information like this as an ransom hit-list. If you could abduct the kids of the ten richest people in Moscow, odds are at least one of them would pay up...

    Things like that are depressingly common in some parts of the world.

    --
    "Live as if you'll die tomorrow." Ridiculous. You could die later today.
  13. Don't forget offshored databases by btarval · · Score: 2, Interesting
    Probably a good deal of it. While the article focused on Russia, another recent article showed how easy it was to get the personal information of people from databases which had been offshored.

    $100 (even Canadian) per CD is a worthy amount of money in Russia or other second/third world countries where back-office operations have been off-shored to. This problem is only going to keep growing at these price levels.

    The point here is that there is very strong incentive to provide accurate data at these price levels, competition being what it will be.

    --
    The best way to predict the future is to create it. - Peter Drucker.