Although studies document the social processes of the market and relationships between buyers and sellers, few have considered the revenues earned from market transactions. This study explored these issues using a sample of threads from 10 Russian language and 3 English language Web forums used to sell stolen data.
Estimates were generated on the total number of transactions completed by participants along with the advertised prices for the two most common forms of personal information sold. The findings demonstrated that buyers may earn a range of revenues from the sale of stolen data, although this figure was smaller than the potential profits earned from fraudulent use and identity crimes by data buyers. The implications of this study for cyber crime research and policy are explored in detail. (Publisher abstract modified)