Stolen Data From Federal Workers Is Worth $140 Million On Dark Net

Jun 12, 2015 at 3:34 PM ET

The data breach that may have led to the theft of a trove of personal information about millions of federal employees could be worth more than $140 million if sold on the dark net, and it appears that some sellers may already be peddling the stolen data.

Vocativ’s analysis of several of the biggest marketplaces on the dark net on Friday found multiple sellers offering sets of stolen personal information. The prices on the sites we looked at, which include Agora, Alpha Bay and Nucleus, range from 50 cents to $10 per data set, depending on the number of sets purchased. Some sellers were offering the sets in bundles of several thousand, at prices as low as 50 cents a set. Other sellers were offering fewer sets—sometimes just a single set of personal information—for $10. The sets included Social Security numbers, addresses, phone numbers, gender, date of birth, race, marital status and ethnicity—basically everything a person would need to steal someone’s financial identity.

While it’s unclear when exactly the server at the federal government’s Office of Personnel Management was hacked, the massive breach was discovered in April. At the time, the White House said 4.2 million people were affected. A few of the sellers we found on the dark net on Friday used the phrase on their seller pages “updated 4.22,” which could be a veiled reference to the 4.2 million people that the government said were impacted by the breach. Other sellers boasted on their pages “new DB added,” with “DB” referring to a database. The dark net is only accessible via special browsers, like Tor, that allow buyers and sellers to remain anonymous and make it much harder for police to track.

The American Federation of Government Employees, the largest labor union for federal workers, confirms that all of the information being offered by the dark net sellers is data that would have been found in the files of federal workers. On Friday, the Associated Press reported that a Congressional official with knowledge of the investigation into the breaches said that the number of people whose information was compromised is likely to be closer to 14 million than 4.2 million. If that’s the case, the total value of the breach, based on the prices that we saw listed on the dark net, would be $140 million.

It’s common on the dark net for wholesalers of stolen data to sell that information in chunks to smaller sellers, who then do their resellng, according to Philip Rosenthal, a computer crimes expert who has worked with multiple law enforcement agencies including the FBI and the U.S. Secret Service. He says a lot of the data sets will actually be of little or no value to a person who wants to use them to do something illegal, like obtaining false drivers licenses and other government documents, or to commit financial crimes.

“The reason they sell so many at once is because for every 10 they sell only one will work,” he says. “Especially in a massive case like this, people suspect their information has been compromised and they take steps to correct it.”

Both government officials and the AFGE believe that the hack was conducted by the Chinese, although they have stopped short of saying it’s the work of the Chinese government. The Chinese government has refjected that claim.