What is the dark Web?


Even the name conjures up frightening images, the dark web. It feels like a place where sinister thinks would happen. But the dark web isn’t an actual place. It’s a hidden network of websites that enables it users to keep their IP address hidden.  Firstly, anonymity software is used to mask people’s true identities. And without IP address tracing online activity, a computer can take a random route to its final – destination. Basically, bouncing around the globe. In other words, on the dark web criminals can cover up both their location and their identity.


But interestingly not everything on the dark web is illegal. Certainly, it’s the buy, swap and sell platform for thieves looking to make some quick money. For instance, after a data breach or hacking incident, personal information is then sold on the dark web. It can also be bought. Above all, cybercriminals are looking to make money off your personal information, off you good name and of course any numbers or information associated with you. Such as your credit card number, or your drivers licence number.


What Information Is Most Common and How Much Is It Worth?


But how much is your personal information truly worth on the dark web? Well, it depends on a variety of factors, some information is more valuable to criminals than others. Below are the 10 most common chunks of information sold on the dark web and how much they sell for:



  • Social Security number: $1
  • Credit or debit card (credit cards are more popular): $5-$110
  • With CVV number: $5
  • With bank info: $15
  • Fullz info: $30
    Note: Fullz info is a bundle of information that includes a “full” package for fraudsters: name, SSN, birth date, account numbers and other data that make them desirable since they can often do a lot of immediate damage.
  • Online payment services login info (e.g. Paypal): $20-$200
  • Loyalty accounts: $20
  • Subscription services: $1-$10
  • Diplomas: $100-$400
  • Driver’s license: $20
  • Passports (US): $1000-$2000
  • Medical records: $1-$1000*


*Depends on how complete they are as well as if its a single record or an entire database


  • General non-Financial Institution logins: $1


It’s important to realise prices can vary over time.


How Is This Information Purchased by Identity Thieves on the Dark Web?


Personal information is commonly bought and sold on the dark web using three main ways;


  1. Purchase data as a one-off, such as a credir card number
  2. Purchase bulk data, batches of the same types of information
  3. Purchase bundled data, this is the “premium” package for identity thieves as it includes various types of information that are bundled together


Frequently Asked Questions


Do I still need to be concerned about my data be sold if I was the data breach victim from many years ago?


Yes. The amount of fraud committed based on data breach information that is 2-6 years old has increased by nearly 400% over the last 4 years to $3.7B in 2016, according to a 2017 Javelin strategy and research presentation 


What Drives the Cost of Personal Information on the Dark Web?


The cost variations of information that’s bought and sold on the dark web are due to four main reasons which include:


  1. Type of data and the demand for that data: different types of information can bring different monetary values as mentioned above.
  2. Supply of the data: supply and demand, even applies when buying and selling stolen information. For example, when there’s a low supply of a particular chunk of information, then we see the price rise.
  3. The balance of the accounts: the higher the dollar value or points in a stolen account, the higher the price.
  4. Limits or the ability to reuse: if information can be used again or has a higher limit, it’s therefore more valuable to cyberscriminals.


So What Can You Do to Protect Yourself?


To some people even talking about the dark web, may seem frightening. As I said at the start the name conjures up some pretty scary images. But it is important to know about and be aware of what’s really going on, in order to safeguard yourself. In the news we hear about data breaches all the time, as these are on the rise and definitely out of our control. However we can form healthy practices around our own personal information. Such as maintaining healthy password practices and remembering not to share your personal information unless it’s absolutely necessary. We’re all so used to just giving our information away.


In addition, keep up your antivirus software, updates and renewals on all personal devices. These can include computer, laptop, tablet, phone and may include security patches that are also important to protecting your information.


Moreover, you can protect you and your loved ones, just check out identity protection products for yourself and your family. Firstly, Experian IdentityWorks provide products such as dark web monitoring which alerts when someone views your credit report and FICO® Score. Secondly, you can also run a free dark web scan on your Social Security number, phone number and email address. These help you keep an eye on your risk and any potential looming identity thefts.


In short remember is to secure your personal information. Don’t give it away so easily. Maintain healthy healthy password practices, and install antivirus.