The FBI on Tuesday seized an illicit marketplace that has made millions selling the personal data of roughly 24 million U.S. citizens, according to the Justice Department.
SSNDOB Marketplace operated through an updating rotation of websites that sold records including names, dates of birth and U.S. Social Security numbers. The administrators advertised their services to customers on dark web marketplaces, according to a DOJ press release.
U.S. law enforcement worked with authorities in Cyrus and Latvia to seize four domains belonging to SSNDOB administrators.
Users were able to pay for services through a wallet address associated with their accounts, according to cryptocurrency analysis firm Chainalysis. SSNDOB processed more than $22 million worth of bitcoin since 2015, researchers found. The median purchase was $220 but records show purchases as high as $100,000.
Chainalysis also found financial ties between SSNDOB and Joker’s Stash, an infamous darknet market for stolen credit card and personal information shut down in January 2021. Bitcoin transfers between the two ranging from December 2018 to June 2019 suggest a possible relationship.
The takedown is the second seizure by the FBI this month of a criminal operation boasting stolen data. Last week the FBI and Justice Department announced they had seized weleak.to, a subscription search engine that claimed to offer users records from more than 10,000 data breaches.
“Identity theft can have a devastating impact on a victim’s long-term emotional and financial health. Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised,” said Darrell Waldon, special agent in charge at the IRS-CI (criminal investigation) D.C. field office.
The implications of the takedown go beyond financial fraud, however.
“Services like SSNDOB enable several different kinds of digital fraud by giving cybercriminals access to stolen PII,” researchers at Chainalysis wrote in a blog. “Not only can this stolen information be exploited to target victims for scamming, it can also be used by cybercriminals to set up online accounts that can’t be traced back to them, which can then form the backbone of other cybercriminal schemes.”
They pointed to the use of stolen information by Russia’s Internet Research Agency to create fake social media accounts leading up to the 2016 and 2020 elections.