Thousands of online identities stolen every day in MK by slick cyber hackers

Cyber hackers are trading online passwords of tens of thousands of people in Milton Keynes in a bid to extort them for cash and goods, a group of undercover online moles have found in a special probe by the Citizen's Johnston Press Investigations team.

Thursday, 3rd August 2017, 1:00 pm
Updated Tuesday, 12th September 2017, 11:19 am

The number has spiked rapidly over the past four months in a shocking sign that illicitly obtained personal data has become one of the fastest growing tradeable commodities online.

A list of postcodes this weeks shows which areas of MK are rife for identity theft and which ones are relatively safe.

The worst area is MK4 which includes – Westcroft, Tattenhoe, Furzton, Shenley Brook End and Emerson Valley. Here, a staggering 36,657 people have had their details hacked.

Second worst is MK1 (Denbigh North and Mount Farm)where 21,181 people and businesses have been affected.

The postcodes with the lowest cyber crime stats are MK9 (CMK and Campbell Park), MK15 (Bolbeck Park, Downhead Park, Pennyland, Fox Milne, Pineham and Northfield) and MK11 (Stony Stratford and Kiln Farm).

Dark web marketplaces are now even offering money back guarantees for bulk purchases on people’s account passwords, which can come coupled with one or a mix of email addresses,credit card numbers, usernames and even personal details such as first cars and mothers’ maiden names.

Yet studies have revealed that many people are unaware that, at the very least, their email address and password is on sale.

The worrying statistics have been collated over a series of years by a team of cyber moles embedded in the murkiest reaches of the web, observing wholesale transactions through encrypted chat rooms.

Emma Mills is chief operating officer of C6, which runs the website. She said: “As consumers we have never really paid the price for fraud. We don’t see the downside to ourselves of being careless with our personal information.”

She added: “We don’t clearly understand the impact of having our identities compromised and how long and painful it is to re-build that genuinely, it causes problems with applying for credit or any other form of account.”

On its own, a person’s streaming service account details – a username and password – could be seen as innocuous. But profiles can then be ‘enriched’, often over a series of months, or even years.

If, like half of all internet users, a person uses the same password for multiple accounts those Netflix login details could be crucial to gaining access to a person’s email address – and with it a host of other accounts simply by pressing the ‘forgotten password’ button.

Once the identity is rich enough, fraudsters can open credit card accounts in a person’s name, buy goods and transfer money.

“They will watch you log in on multiple occasions until they have built up a full picture of you,” said Emma.