US Authorities Shut Down SSNDOB Marketplace Selling Data of over 24 Million People

The US Department of Justice has shut down SSNDOB, a popular darknet marketplace for trading compromised Social Security Numbers, dates of birth, credit card numbers, and other sensitive personally identifiable information (PII).

Thought to possess the stolen PII of over 24 million Americans, SSNDOB operated using at least four related domains: "ssndob.ws," "ssndob.vip," "ssndob.club," and "blackjob.biz." It employed a series of complex tactics to avoid attacks from competitors and crackdowns by authorities.

Cybercriminals routed operations through other countries

The cybercriminals used bitcoin for payments and routed traffic through servers in Cyprus and Latvia, which meant the joint task force assigned to halt the operation, which included FBI and IRS agents, had to work closely with their European counterparts.

“Identity theft can have a devastating impact on a victim’s long-term emotional and financial health,” said Special Agent in Charge Darrell Waldon from the IRS. “Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised.”

A multimillion-dollar business

According to blockchain analysis firm Chainalysis, SSNDOB started receiving bitcoin payments as early as 2015 and had revenue of over $22 million. Moreover, it seems to have had a close partnership with defunct darknet marketplace Joker Stash, to which it sent a payment of $100,000.

A Bleeping Computer investigation also revealed that much of the data SSNDOB had come from hospital data leaks.

Brokering criminals

Marketplaces like SSNDOB operate on the darknet and broker the buying and selling of personal information, usually acquired through data breaches and data leaks or directly stolen from the rightful owners. The data is then sold to other criminal groups that use it for identity theft, credit card fraud, forged documents, all kinds of scams, and even international terrorism.

For example, just by knowing your name and Social Security Number (SSN) a criminal can open a credit card or take out a loan, they can open a new phone account, can get medical care in your name, get a driver’s license, or even claim your tax refund.

What can you do?

Because much of the personal data linked to you can’t be changed or is very difficult to change (SSN number, date of birth, biometric data, address, name, etc) it’s always better to prevent data theft than to deal with its aftermath.

• Don’t give away personal information to everyone asking for it. Lots of websites and services suffer data breaches. Only share what is needed with entities you trust. Additionally, be wary of people contacting you through email, messages, or phone calls and asking for personal information like your SSN, date of birth, address, or financial details.
• Freeze your credit. A credit freeze, also known as a security freeze, is the best way to help prevent new accounts from being opened in your name. You can then unfreeze your credit if you really need to apply for credit.
• Don’t store or share unprotected documents containing personal information. They can be stolen or intercepted if someone gains access to your device. Consider installing a dedicated security solution to keep your devices malware-free and a VPN (Virtual Private Network) to secure your connection and data transfers.
• Always destroy physical documents that contain personal information before throwing them in the trash. Criminals could easily get it by dumpster diving.
• Consider employing the help of a service that can manage your online footprint. Bitdefender Digital Identity Protection lets you know if any of your personal information has been exposed, including your Social Security Number, and constantly scans the dark web for leaked data so you can take the right actions to protect your digital identity.