The equivalent of 291 records was stolen or exposed every second in the first six months of 2018, according to digital security company Gemalto’s Breach Level Index report.
In total, the report states, the equivalent of 3.3 billion personal records were leaked last year.
This is, obviously, historically unique — but nonetheless, a reality of life in the digital world.
In the physical world, we live in houses. Whether it’s an apartment, a sprawling Manhattan loft, or a cozy four-bedroom in suburbia, somewhere in this world, we all have somewhere to lay our heads at night, a roof we prefer to stare at, and four walls we prefer to enclose us.
Inside these four walls, we accumulate and store material objects of various personal significance — some, not so much (more matters of transience and convenience), others of meaning to us and us alone, and others that hold the very keys to constructing our realities.
Due to some ridiculous joke of our material form, the elements of our identity that provide us the most material stability are the very same elements most vulnerable to attack. In my hands, my cell phone, credit card, and passport are tools of survival that keep me safe and give me freedom. But in the hands of someone else, these very same items act as weapons.
Herein lies our social conundrum. In the digital world, we do not live in houses. We do not even live in apartments. We do not even live in individual rooms. We live in a collaborative, labyrinthine web woven of mind and intention, and in a sphere so fundamentally based on sharing and interactivity, notions like “walls” and “unique” and even “individual” begin to feel not only antiquated but even idealistically gauche. Googlebot knows no “individual.” No one cares enough to bother you as an individual, either. The law of risk compensation.
Except for one key feature, not even in our data are we individuals. You’re right that no one cares enough about you, Jim Reader, the individual person. But en masse? You are not Jim Reader anymore. You are, effectively, worth the combination of how much you’re worth divided by how difficult you’ve made it to steal you. But honestly, you are not special. You are bottom-dollar. At best.
We all are.
Definition of a Data Breach
When writing this story, I was a little bit stuck trying to think of different ways to describe its basic premise: basically, information was stolen (or lost?). Data leak, hack, records exposed, data stolen, information exposed, records illicitly obtained, etc. etc. Not a single one of these euphemisms fits the ultimate adage of writing: “Show, don’t tell! Communicate what’s happening with concrete nouns and vivid verbs.”
In my awkward ongoing dance with potential synonyms, every article of my research continuously alluded to our primary topic via one particularly un-sexy term in particular: a data breach. Breach is not a sexy word, and my job is not to recycle other writers’ adjectives. But I employed my good sense (read: habit) and hit up my thesaurus. Even if you think you know the meaning of a word, sometimes you can learn a lot more about the underlying idea by going back to basics. Dictionary definitions are flirtatious wormholes, not the laws of God.
The definition of “breach” was enlightening, and suddenly, it struck me how profoundly perfect the term happens to be for encapsulating an event of such modernity we find, even in our violation, to be somewhat hazy in analysis and infinitely difficult to describe.
Breach (noun): the act of breaking or failing to observe a law, agreement, or code of conduct.
It was a breach.
These companies did breach our trust, in a way. These aren’t leaks, like hazards of hardware due to faulty equipment or poor engineering. These are breaches. These are systemic violations. These are breaches between these companies and our trust.
Synonyms: contravention, violation, breaking, infringement, dereliction, neglect.
More than an accident or cosmic parable or casualty of technocratic circumstance, the 944 large-scale corporate data breaches that compromised 3.3 million personal records were, at their very most core, exactly that:
But those last two synonyms seem to not be the same …
Contravention: an action that violates.
Dereliction: the state of having been abandoned and become dilapidated.
How can these both be equivalent?
Lovesong in a Psychograph (n) :
Contravenious Act: Cambridge Analytica’s deal with Robert Mercer to use behavioral psychology in digital advertising to manipulate consumer opinion prior to the election using the internet and psychographic modeling techniques.
“Rules don’t matter for them,” said Christopher Wylie, one of the firm’s founders, of himself and his colleagues. “For them [us], this is a war, and it’s all fair. They want to fight a culture war in America,” he added. “Cambridge Analytica was supposed to be the arsenal of weapons to fight that culture war.”
“Issues about violating people’s privacy don’t seem to be surmountable,” said Mark Zuckerberg at age 19 after being presented with an unforeseen amount of power thanks to seemingly arbitrary capitalistic circumstance once his project now known as Facebook had begun to take off.
“I apologize for any harm done as a result of my neglect to consider how quickly the site would spread and its consequences,” Zuckerberg continued. “I hope you understand … this is not how I meant for things to go.”
We live in a world of complex social constructions that are largely immaterial by nature, but these rich features of status and identity manifest in physical realities. And, shockingly, a seemingly insignificant physical object — say, a three-and-a-half-by-two-inch rectangle of cheap, warehouse plastic — and, due to some ridiculous joke of our material form, the simple act of misplacing these objects can mean our carefully-constructed glass houses all come shattering down in one tremendous collapse.
In brief, since the 944 data breaches of 2018 have taken place, the cost of stealing your identity has shot bottom-dollar. It’s a buyer’s market. So here’s the going rate to buy your identity as of late 2018, according to cybersecurity expert, president of research at Top10VPN, and dark-web-literate-extraordinaire Simon Migliano.
In case you were wondering what all those hackers were doing with your data online, here’s what it costs to buy you.
This is How Much Your Identity Costs on the Dark Web
Social Security Number: $1
Credit Card Number: $5-110
Credit/Debit Card with CVVV Code: +$5
“Fullz Info” (Full Name, SSN, DOB, Bank Account Number, Security Code): About $30
Online Banking Login: ~$115
Online PayPal or Cash Management Login: $20-200
Official University Diploma or Degree: $100-400
Driver’s License: ~$20
Medical Records: $1-2,000
U.S. Passport: $1,000-2,000
Like any transaction, the cost of goods is subject to the laws of economics. In brief, it is drastically significant how bad you want it and how available it is when it comes to determining price. But at the end of the day?
You can buy a full-stack identity for less than an Amazon Fire Stick.
Featured Image: Courtesy of Megapixel (Raw Pixel Images)