New Usernames and Passwords Leaked Daily
What if there was a way to identify future attacks on a company just by reading publicly available sources on the internet? Or to identify emails and passwords that have been stolen and shared by hackers on publicly facing websites, like Pastebin.com, which was initially designed for programmers to share software code? Well, now there is, using a strategy that OCD Tech has developed off of an industry standard, to collect target data from the internet.
This approach involves the data-scraping of, or query of target data, from specified websites which are commonly accessed sites by hackers. Our process to pull and retrieve inquiry data based on search criteria set by our IT security team performing the data analysis has been a success. In our current 3-month data scraping efforts at OCD Tech, we’ve scraped 1.64 million pastes from Pastebin alone. Out of our scrapes from Pastebin, roughly 465,000 contained content which looked similar to an email and password; about 1 in every 350 pastes. In addition, we have been able to recognize that there are IP addresses uploaded to Pastebin which could create a link to the individual user’s computer from which information was compromised and is now publicly accessible.
In 2016, according to an independent study done by the Ponemon Institute LLC using research sponsored by IBM, the average cost for a lost or stolen record was $158, up $4 from 2015. If the institution breached is a healthcare organization, however, the average cost could be as high as $355 per record. The cost per record for education organizations is higher than the $158 average as well, and could be as high as $246 per record.
For companies looking to work with OCD Tech in regards to this service, the benefit is that we are able to use key words related to our customers to identify future attacks to various companies, or previous attacks where data that was stolen is shared on the web. Currently, the average breach identification recognition is 98 days for financial firms, and is 197 days for retailers according to ZDNet. With our data scraping services, we assist any organization in being significantly more proactive when identifying breaches or responding to data theft.
Check out our infographic about our pastebin leaked data scraping finds!