CMI Blog

What Do Hackers Do With Stolen Data?


A business’s data is typically a lot more valuable than bank details. This is because, as we’ll see below, data can be used for a number of different activities, each with hefty financial rewards. It’s hardly surprising that the latest trends in cyber security are data focused. So, if you’ve ever stopped and asked “what do hackers do with stolen data?” then read on.

They’ll hold it to ransom 

This is the most popular form of cyber attack for a reason. It’s also fuelled some of the most high profile attacks this year. If a hacker gains access to your system – phishing emails beinparticularly popular method - they can easily encrypt your data, cripple your IT, and refuse to revert things until a ransom is paid. Another prong to this attack involves removing data and threatening to post it online unless a ransom is paid. Ransoms are typically paid in cryptocurrency, however – to make matters worse – payment is not the right response. Unsurprisingly, hackers are known for not sticking to their word and unencrypting files. And even if a business can recover its data via a backup, there’s always the risk the data will be made public by the hackers. This means that good cyber defences and cyber awareness training are the only response. 

Infrastructure theft and cryptojacking

Your business’s IT systems can wield some pretty formidable computing power and stealing login data can put that power in a cyber criminal’s hands. This can be used to carry out the kinds of large scale computing tasks they’d never be able to otherwise. A perfect example being cryptojacking: using a target’s computing power to mine cryptocurrencyBesides seeing your IT slow down, these attacks can be hard to spot. 

What Do Hackers Do With Stolen Data?

They'll hire out your system as a botnet

Similarly, a criminal could use your login data to link your IT up to a botnet. This is a network of hacked computers, servers, and IoT devices. As with cryptojacking, this combined computing power gives criminal organisations the ability to carry out large cyber crimes. Namely DDoS attacks. This is the act of overloading another website with so many requests that it’s rendered incapable of processing them and thus functioning properlyThis service can be seriously valuable to anyone looking to sabotage another site. 

Sell your data on the dark web

Stolen data can be equally useful to an anonymous buyer on the dark web. To the right bidder, it can be used to carry out any of the above, commit identify theft, or multiple forms of financial crime. Even a stolen email login is valuable to other cyber criminals looking to carry out a phishing scam. With payments in cryptocurrency, the dark web offers a fluid marketplace for trading stolen data. 

They may use your data themselves

A criminal can make purchases or commit fraud of their own. This is less common – the attention of the authorities and modern fraud prevention technology is attracted far too easily. That said, acts like purchasing items online, applying for loans, paying off debt, and more, can all be done using stolen data.

What do hackers want with stolen data? The power to harness that data for further illicit means. Data is a tool that can be used for an endless number of lucrative and illegal operations and this list of operations is likely to grow as both IT and criminals get more advanced. Therefore, most of the data on our computers could be considered fair game to cyber criminals.  

Your company’s cyber security position can be rapidly improved with the help of our free, 30-minute no-obligation cyber security consultation. Book a cyber security consultation now and we can begin establishing a robust defence for your organisation.


Topics: cyber security

Graham Stead

Written by Graham Stead

Graham joined CMI following the acquisition of his previous business in 2016, having successfully run that for business for 20 years. Graham's absolute focus is on making sure that we consistently hold our clients central to everything that we do, and is often heard repeating our mantra "we exist to make a significant positive impact on our clients business". Graham and his team work closely with our clients to educate, inform, and ultimately to provide technology that delivers that positive impact. Outside of the office, he is a huge supporter of Bone Cancer Research Trust and has raised over £130,000 for them in recent years.

Know someone who
would benefit from CMI?