What happens to my stolen data after a security breach?

Read Time: 5 Min
Learn what can happen after your data is stolen in a security breach or data leak – and what you can do to help protect against cybercriminals who might buy it.

Companies and non-profits work hard to be good stewards of the sensitive data they collect from employees, customers, vendors, and external stakeholders. When those defenses are breached, and that security is compromised, companies are left feeling exposed and vulnerable – and the consequences can be devastating. Thinking about protected data as a commodity to be stolen, bought, and sold by threat actors makes that feeling of exposure so much worse.

Unfortunately, this scenario has become increasingly common, and the financial ramifications can be great. The global average total cost of a data breach in 2023 reached $4.45 million, a 15.3% increase from numbers reported in 2020.

The first installment of this article series explored the ways in which cybercriminals exploit public-facing information to refine their attacks on individuals or companies. In this article, you’ll gain insight into what happens to your data once it is stolen and what you can do to help protect yourself, your employees, and your organization.

What is the dark web?

The majority of content on the internet can’t be found using your traditional search engine. Much of that unavailable content might be information behind a private search engine or paywall, or may require account login credentials. A smaller percentage, though, is illegal content that can only be accessed using special web browsers.

The deep web contains more than 90% of all online content. It’s private and not accessible using search engines. Examples of content here include electronic health records, emails, social media messages, and information behind a paywall.

The dark web goes a layer further and includes encrypted, illegal content that can be accessed anonymously by using special web browsers.

What is available on the dark web?

The dark web operates anonymously, providing a wide variety of services and content to its users, some circumventing or disregarding legality. While not all content on the dark web is explicitly illegal, the dark web is home to a thriving marketplace of stolen data, credentials, network access, and personal protected information (PPI).

  • Stolen Personal Information: The dark web is a thriving marketplace for stolen personal information, including sensitive data such as social security numbers, driver's license details, and credit card information.
  • Fraud Networks: Fraudsters can collaborate, share knowledge, and exchange stolen information to carry out fraudulent activities.
  • Insider Threats & Data Leaks: Disgruntled employees or cybercriminals with access to sensitive information can sell it on the dark web. One recent example of this was at the end of 2022, when more than 400 million X accounts were put up for sale by cybercriminals on the dark web following a breach§.
  • Cyber Threats and Ransomware: Cybercriminals leverage dark web marketplaces to buy and sell hacking tools, malware, and ransomware.

Accessing the dark web to purchase this information allows cybercriminals to outsource the tedious task of stealing credentials or working their way in themselves.

This demand for an easier way in has spurred an increase in stolen credentials in the recent years: The number of listings for network access to organizations on dark web forums reached more than 1,200 in 2022, nearly triple the number from the previous year.

The same report found VPN and Remote Desktop Protocol (RDP) were the most common types of corporate network accesses advertised.

What is stolen data worth on the dark web?

Cybercriminals wouldn’t go to the trouble of stealing, selling, or trading data if it wasn’t profitable. But just how much is that stolen data worth? Prices across the dark web are continuously monitored, and they fluctuate just like every market.

Here is a snapshot of the average price of stolen data on the dark web:

Stolen Data Average Price in USD
Stolen Online Banking Logins (minimum $2k in the account) $60
Hacked Gmail Account $60
LinkedIn Company Page with 1,000 Followers $5
Cloned Credit Card with PIN (As of December 2022, an estimated 7.5 million credit cards were available on the Dark Web) $10-$240
Email Database Containing 10 Million U.S. Email Addresses $120

The Privacy Affairs website maintains a dark web price index. You can access it here to find additional prices for stolen data.

Did any of these prices surprise you? Demand for stolen credentials is high, as evident by the number of cyberattacks launched using stolen data. A 2023 Data Breach Investigations Report found stolen credentials were used in 31% of reported cybersecurity breaches††. Since demand is high, the relatively low cost of this information gives a hint into how much stolen data must be available. The sheer volume of data available to be purchased has driven costs down, which is supported by the findings from a 2022 survey of the threat landscape‡‡.

How can I help protect my company if our data is on the dark web?

Knowing if your information is on the dark web is a critical component of protecting yourself from threats. Leverage dark web or identity monitoring tools to help find leaked or stolen information that is being shared and sold among cybercriminals operating on the dark web.

  1. There are online data breach tools that allow you to determine if any passwords, usernames, or other account information has been exposed in data breaches. Checking these sites is often the first step in discovering if your credentials have been compromised.
  2. If an account of yours has been stolen or leaked, such as an email or social media account, identify which username and password was connected to it. Pay close attention to whether the compromised password is one you frequently reuse or iterate on (changing the numbers at the end, for example). Immediately change any passwords that might have been compromised.
  3. Determine whether the compromised account credentials (username or password) is connected to any other account. Threat actors can collect these credentials and target you through other associated accounts.

Other protective measures can include:

  • Implement security scanning tools to detect and manage vulnerabilities and help lower the risk of network and equipment compromise.
  • Enable enhanced authentication processes, such as multi-factor authentication (MFA) and enforce strong password practices within your company.
  • Cybercriminals often target employees within an organization to carry out attacks. Deliver regular cybersecurity training to raise awareness of common tactics, including business email compromise (BEC), email phishing, and vishing and smishing.

Remaining vigilant against cyber threats and raising awareness of the risks with your company can help prevent costly data breaches. For more information on implementing best practices and security controls to increase cybersecurity defenses, reach out to your relationship manager or contact our team through the link below.

Connecting you to what matters most

Huntington Commercial Bank delivers carefully structured, fully integrated solutions to help meet your unique needs.
Contact Us

Related Content

IBM. 2023. “Cost of a Data Breach Report 2023.” Accessed October 25, 2023. Cost of a data breach 2023 | IBM

Lenaerts-Bergmans, Bart. 2022. “What is the Dark Web?” CrowdStrike, September 20, 2022. Accessed October 25, 2023. The Dark Web: How to Access and Potential Risks - CrowdStrike

§ Identity Theft Resource Center. 2023. “2022 Data Breach Report.” Accessed October 25, 2023. Identity Theft Resource Center’s 2022 Annual Data Breach Report Reveals Near-Record Number of Compromises - ITRC (idtheftcenter.org)

Recorded Future. 2023. “Threat Analysis: 2022 Annual Report.” Accessed October 25, 2023. 2022 Annual Report | Recorded Future

‡‡ Recorded Future. “Threat Analysis.”

Privacy Affairs. 2023. “Dark Web Price Index 2023.” Accessed October 25, 2023. Dark Web Price Index 2023 - Exclusive Research (privacyaffairs.com)

†† Verizon. 2023. “2023 Data breach Investigations Report.” Accessed October 25, 2023. 2023 Data Breach Investigations Report | Verizon


The information provided in this document is intended solely for general informational purposes and is provided with the understanding that neither Huntington, its affiliates nor any other party is engaging in rendering tax, financial, legal, technical or other professional advice or services or endorsing any third-party product or service. Any use of this information should be done only in consultation with a qualified and licensed professional who can take into account all relevant factors and desired outcomes in the context of the facts surrounding your particular circumstances. The information in this document was developed with reasonable care and attention. However, it is possible that some of the information is incomplete, incorrect, or inapplicable to particular circumstances or conditions. NEITHER HUNTINGTON NOR ITS AFFILIATES SHALL BE LIABLE FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (DIRECT, CONSEQUENTIAL, SPECIAL, INDIRECT OR OTHERWISE) RESULTING FROM USING, RELYING ON OR ACTING UPON INFORMATION IN THIS DOCUMENT OR THIRD-PARTY RESOURCES IDENTIFIED IN THIS DOCUMENT EVEN IF HUNTINGTON AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF OR FORESEEN THE POSSIBILITY OF SUCH DAMAGES, LOSSES, COSTS OR EXPENSES.

Lending and leasing products and services, as well as certain other banking products and services, may require credit application approval.

Third-party product, service and business names are trademarks/service marks of their respective owners.