How safe is your ID? How the Dark Web is enabling identity theft and holding businesses to ransom

Many of us have received a suspicious email at least once in our lives, whether it was announcing a lottery win or notifying you of the need to update your bank login details. If this has happened to you, your personal logins and passwords could have already been exposed and sold to hackers on the Dark Web.

The number of people’s personal logins and passwords for sale on the Dark Web (the encrypted part of the internet that enables illegal activities to thrive) continues to grow each day.

According to the research firm Security In Depth, the reported incidents of cyber-attacks and data breaches have increased by more than 700 per cent since February last year, costing the nation $7.8 billionĀ¹.

How do data breaches occur?

Data breaches are often caused by malicious software, or ‘malware’, installed by criminals to capture sensitive information.

One common type of malware used in data breaches is able to collect payment card data from point-of-sale systems. Another targets businesses, invading their computer systems and literally putting their operations to ransom.

Why your personal data is so profitable to identity thieves

If criminals have even the smallest of personal information, they can ‘hack’ your business’ computer systems and hold it to virtual ransom. It can also put your business on hold indefinitely.

A batch of 1,000 Gmail accounts can be ‘bought’ for as little as $200 on the Dark Web. Credit card details available on the Dark Web are also prolific and particularly profitable when paired with a bank ID number, date of birth and other identifying information.

Five things you can do to protect yourself and your business

The risk of a business’ passwords being discovered and sold on the Dark Web is a very real possibility. Consider implementing the following to help keep your business safe from hackers.

  1. Create strong passwords that include upper and lower case letters, numbers and special characters.
  2. Always use Multi-Factor Authentication (MFA) where available, as it requires more than one method to verify your identity before logging in.
  3. Do not keep reusing the same passwords over and over.
  4. Consider using a Password Manager – remembering just one master password allows you to manage different passwords for all your accounts.
  5. Regularly review your bank statements for signs of suspicious activity.

How Resilium can help

Contact Resilium and speak to one of our Advisers today about arranging Cyber Insurance cover for your business.

For more information about Cyber Insurance, click here.

The information provided in this article is of a general nature only and has been prepared without considering your individual objectives, financial situation or needs. If you require advice that is tailored to your specific business or individual circumstances, please contact Resilium directly.


  1. Australian business ‘completely unprepared’ for cyber hacks, up 700%, Sydney Morning Herald, August 2019