The dark web is frequently home to compromised data and personal information; making it a very dangerous place to explore. On the other hand, many people ignore the obvious danger and venture forth anyway.
The human nature is naturally curious, so who can really blame them? Regardless, if you do anything beyond simple browsing, you are still more likely to get caught than not.
Take the 20 Apple employees (+2 others) recently busted for selling customer information on the dark web as an example.
The group of criminals would gather personal information belonging to customers, such as names, addresses and Apple IDs. They would then put this information up for sale on dark web marketplaces like AlphaBay.
The accounts were then sold for $1.50 a pop. A short amount of time later, over $7.36 million was made in profit. The criminals were able to use their previous experience working at the company to their advantage.
“Analysts suggested that the 20 suspects who previously worked in direct marketing and outsourcing for Apple in China managed to gain access to Apple’s internal system and develop a tool to steal customer information.”
Overall, the process of obtaining the information was relatively painless for the criminals. They manipulated the knowledge they already had to gain entrance to new knowledge that could be abused.
“According to local reports, the suspects of the alleged cyber criminal group utilized an internal system of Apple to gather names, phone numbers, Apple IDs, passwords and other information. Although local police announced that the tools used in the attack were seized, investigators did not mention how the group gained access to an internal system of Apple.”
This is not the first occurrence of a group mistreating sensitive information to make a profit. It won’t be the last either. At the very least, Apple needs to reconsider the people they’re hiring.