What Happens to Stolen, Sensitive Data?

By Karen A. Frenkel  |  Posted 02-26-2016 Email

An experiment designed to lure dark Web users to steal fake bank information showed that most hackers accessed other apps, downloaded and cracked encrypted files and attempted to cover their tracks. The goal of the experiment, known as Project Cumulus, was to help organizations understand what happens to sensitive data once it has been stolen. Bitglass, a data protection company, ran the experiment and released findings in its report "Where's Your Data?" Bitglass researchers created a digital identity for an employee of a fictitious retail bank, a Web portal for the fake bank and a Google Drive account complete with real credit card data. They pretended that the fake employee's Google Drive credentials were stolen via a larger phishing campaign. They leaked those "phished" Google Apps credentials to the Dark Web and tracked activity in the fake employee's online accounts. Hackers did not know that Google Drive activities were being monitored for a month and that files were embedded with Bitglass watermarks. Here's what happened next.

Karen A. Frenkel writes about technology and innovation and lives in New York City.


Submit a Comment

Loading Comments...