Experts track personal data’s murky journey around the dark web

Illustration picture.

Illustration picture.  (REUTERS/Kacper Pempel )

Security company Bitglass has tracked data travelling the murky recesses of the hidden Internet, or dark web, noting that the information was shared across five different continents and 22 countries in less than two weeks.

As part of a tracking experiment last month, the data protection specialist placed 1,568 fake names, social security numbers, credit card numbers, addresses and phone numbers on an Excel spreadsheet. Bitglass then used its proxy technology to mark the spreadsheet with a digital watermark, which contacts the company’s server when the file is opened, recording information such as IP address, geographic information and the device used to view the file.

The document was placed on seven ‘dark web’ sites believed to be frequented by cybercriminals, as well as the file sharing site DropBox. Bitglass discovered that, within just 12 days, the data was accessed from five continents and 22 countries, including the U.S., U.K., Nigeria, France, and Russia. The spreadsheet, which was accessed most often from Nigeria, Russia, and Brazil, was viewed 1,081 times, and downloaded 47 times.

Bitglass CEO Nat Kausik told that two particular “cliques” of people accessed and shared the data – one in Nigeria and the other in Russia. “They were probably trying to figure out whether it was real or not, or maybe they sold it on,” he said, noting that a social security number is worth about $50 a head on the dark web.

The darker recesses of the web continue to pose massive technology challenges to law enforcement. Last year, for example, a Brazilian police investigation cracked a high-tech child porn ring buried deep inside a dark web or “darknet” – private networks built from connections between trusted peers using unconventional protocols. Dark webs typically run on the fortress-like Tor network.

Tor, which stands for ‘The onion router,’ started out as a military project, but now functions largely as a highly clandestine civilian network.

“What we were trying to find out was ‘how liquid is the data once it has been breached?’”  Kausik told “What we have learnt is that there is a pretty liquid market for this.”

Follow James Rogers on Twitter @jamesjrogers