Every year, massive data breaches harm the public. The targets are email service providers, retailers and government agencies that store information about people.
Each breach includes sensitive personal information, such as credit and debit card numbers, home addresses and account usernames and passwords from hundreds of thousands -- and sometimes millions -- of people.
When National Public Data, a company that does online background checks, was breached in 2024, criminals gained the names, addresses, dates of birth and national identification numbers, such as Social Security numbers of 170 million people in the U.S., United Kingdom and Canada. The same year, hackers who targeted Ticketmaster stole the financial information and personal data of more than 560 million customers.
As a criminologist who researches cybercrime, I study the ways that hackers and cybercriminals steal and use people's personal information.
Understanding the people involved helps us to better recognize the ways that hacking and data breaches are intertwined. In so-called stolen data markets, hackers sell personal information they illegally obtain to others, who then use the data to engage in fraud and theft for profit.
