A 22-year-old man from Arnhem was arrested on Wednesday on suspicion of possessing around 12 billion user names and passwords and offering them for sale via website We Leak Info, police revealed on Friday.
The arrest was made by the cyber crime team Oost-Nederland in close collaboration with the British National Crime Agency which tipped off the Dutch police force. The FBI and German police were also involved in the investigation.
During a search of two homes in Arnhem, including that of the suspect, professional equipment was found which enabled him to offer access to the data for money via the website. The site has since been taken off line by the FBI.
The man is thought to have played a ‘facilitating role’ in the scheme, which used information gleaned in previous data breeches. The investigation began last summer and the credentials offered for sale are known to have been used in cyber attacks in the UK, Germany and the US.
The international police investigation, during which a 22-year-old man from Northern Ireland was arrested as well, is ongoing and no specific information will be given out for the time being, Dutch police said.
People using the ‘We leak info’ website were able to make use of the 12 billion pieces of information for 24 hours for a $2 fee. The website also offered subscriptions for a week or one month.
According to Britain’s NCA, the two men had earned as much as €234,000 from the site.
‘The data behind the site is a collaboration of more than 10,000 data breaches. Criminals rely on the fact that people duplicate passwords on multiple sites and data breaches such as these create the opportunity for fraudsters to exploit that,’ the NCA said in a statement.
DutchNews.nl has been free for 13 years, but now we are asking our readers to help. Your donation will enable us to keep providing you with fair and accurate news and features about all things Dutch.
Donate via Ideal, credit card or Paypal.