Attacks/Breaches

12/12/2017
12:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Dark Web Research Shows UKs 'Riskiest' Areas to Live for Potential Identity Theft

London UK, 12 December 2017 — Research by dark web cybersecurity firm RepKnight today identifies the UK’s most ‘at risk’ areas for potential identity theft by comparing a snapshot of street addresses posted on the dark web against area population figures.

Home addresses form a key piece of the puzzle for identity theft — and with millions of pieces of other personally identifiable information also already listed on the dark web for sale (like credit card information, dates of birth and National Insurance numbers), cybercriminals do not have to work too hard to build up a profile of their targets before stealing their identity, especially if address information is available.

Topping the list of most ‘at-risk’ areas is Cambridge, followed by Dundee and Plymouth. Lerwick, Llandrindod Wells, Doncaster and Torquay also make the top 10 — each of which are significant dark web ‘postcode hotspots’ per head of population. Surprisingly, despite having the highest number of overall breaches, London’s relatively high population means the capital finds itself as low as 10th.

 

Postcode

Area

Risk index

1

CB

Cambridge

91.0

2

DD

Dundee

90.9

3

PL

Plymouth

89.8

4

M

Manchester

89.0

5

ZE

Lerwick

88.4

6

LD

Llandrindod Wells

87.6

7

DN

Doncaster

87.2

8

TQ

Torquay

86.6

9

OX

Oxford

86.4

10

Combined

London

84.9

11

BS

Bristol

83.2

12

L

Liverpool

83.2

13

PA

Paisley

83.1

14

KW

Wick

82.3

15

G

Glasgow

81.5

16

NR

Norwich

81.5

17

PH

Perth

79.3

18

SR

Sunderland

79.1

19

PR

Preston

78.3

20

CM

Chelmsford

78.2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

At the other end of the scale, the least at-risk areas in the UK are Harrogate, Slough, Newport, Warrington and Dudley.

Patrick Martin, cybersecurity analyst at RepKnight said: “The dark web is a hotbed for all sorts of stolen personally identifiable information — and while street addresses form a big part of identity theft, the general public must keep a close eye on suspicious activity that might indicate any wrongdoing with regards to any of their personal data.

“Looking at the data we’ve curated, if you have a look at just the number of instances of street addresses appearing on the dark web, London and the other big cities tend to feature quite highly. However, you’d expect to see dark web postcode activity featuring highly for cities because of the higher population figures. What’s more meaningful for the general public, though, is to be able to assess the chances of your own postcode appearing on the dark web, which is what RepKnight’s risk index enables you to do.”

RepKnight produced these statistics, which were based on a snapshot of dark web data dumps in October 2017, using its dark web monitoring tool BreachAlert.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.