Attacks/Breaches

12/12/2017
12:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Dark Web Research Shows UKs 'Riskiest' Areas to Live for Potential Identity Theft

London UK, 12 December 2017 — Research by dark web cybersecurity firm RepKnight today identifies the UK’s most ‘at risk’ areas for potential identity theft by comparing a snapshot of street addresses posted on the dark web against area population figures.

Home addresses form a key piece of the puzzle for identity theft — and with millions of pieces of other personally identifiable information also already listed on the dark web for sale (like credit card information, dates of birth and National Insurance numbers), cybercriminals do not have to work too hard to build up a profile of their targets before stealing their identity, especially if address information is available.

Topping the list of most ‘at-risk’ areas is Cambridge, followed by Dundee and Plymouth. Lerwick, Llandrindod Wells, Doncaster and Torquay also make the top 10 — each of which are significant dark web ‘postcode hotspots’ per head of population. Surprisingly, despite having the highest number of overall breaches, London’s relatively high population means the capital finds itself as low as 10th.

 

Postcode

Area

Risk index

1

CB

Cambridge

91.0

2

DD

Dundee

90.9

3

PL

Plymouth

89.8

4

M

Manchester

89.0

5

ZE

Lerwick

88.4

6

LD

Llandrindod Wells

87.6

7

DN

Doncaster

87.2

8

TQ

Torquay

86.6

9

OX

Oxford

86.4

10

Combined

London

84.9

11

BS

Bristol

83.2

12

L

Liverpool

83.2

13

PA

Paisley

83.1

14

KW

Wick

82.3

15

G

Glasgow

81.5

16

NR

Norwich

81.5

17

PH

Perth

79.3

18

SR

Sunderland

79.1

19

PR

Preston

78.3

20

CM

Chelmsford

78.2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

At the other end of the scale, the least at-risk areas in the UK are Harrogate, Slough, Newport, Warrington and Dudley.

Patrick Martin, cybersecurity analyst at RepKnight said: “The dark web is a hotbed for all sorts of stolen personally identifiable information — and while street addresses form a big part of identity theft, the general public must keep a close eye on suspicious activity that might indicate any wrongdoing with regards to any of their personal data.

“Looking at the data we’ve curated, if you have a look at just the number of instances of street addresses appearing on the dark web, London and the other big cities tend to feature quite highly. However, you’d expect to see dark web postcode activity featuring highly for cities because of the higher population figures. What’s more meaningful for the general public, though, is to be able to assess the chances of your own postcode appearing on the dark web, which is what RepKnight’s risk index enables you to do.”

RepKnight produced these statistics, which were based on a snapshot of dark web data dumps in October 2017, using its dark web monitoring tool BreachAlert.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Diversity: It's About Inclusion
Kelly Jackson Higgins, Executive Editor at Dark Reading,  4/25/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.