SSNDOB Marketplace Admin Pleads Guilty to Fraud, Trafficking PII

The DOJ’s takedown of SSNDOB is the latest in a series of seizures of illicit marketplaces, forums, and shops, which sometimes include the sale of personally identifiable information (PII) belonging to individuals in the United States. 

November 2023 Update: SSNDOB Threat Actor Sentenced

On November 28, Vitali Chychasov was sentenced to eight years in federal prison for his role in advertising and managing SSNDOB’s services. This marks the end to the trial that took place back in July, where Chychasov was arrested in March of last year.

July 2023 Update: SSNDOB marketplace admin pleads guilty

On July 25, the DOJ announced that a 37-year-old Ukrainian named Vitalii Chychasov has pleaded guilty to “conspiracy to commit access device fraud and trafficking in unauthorized access devices relating to his administration of SSNDOB Marketplace,” which raked in more than $19 million in sales.

Domains associated with SSNDOB trafficked in the personal information of individuals in the US, including their names, birth dates, and Social Security numbers. Read the indictment and the plea agreement here.

SSNDOB seized

US law enforcement, working in coordination with authorities in Cyprus and Latvia, seized several domains from the SSNDOB marketplace, a venue for social security numbers (SSN) and date of birth (DOB) information that helped fuel the fraud ecosystem. According to the press release from the US Department of Justice, SSNDOB listed the personally identifiable information (PII) for some 24 million individuals in the United States and generated over $19 million in fraudulent revenue. 

“Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised.”


This announcement is the latest in a series of seizures, including the May 31 takedown of WeLeakInfo[.]to, ipstress[.]in and ovh-booter[.]com.

Role in cybercrime

SSNDOB shops helped fuel a number of types of fraud and cybercrime, like identity theft, synthetic identity fraud, and account takeover. While there may be various methods to obtain PII, including social engineering, it is likely easier and more convenient to purchase them from a “SSN/DOB” shop, such as the ones listed on the domains taken down by law enforcement.

After purchasing Social Security Numbers from the marketplace, for instance, cybercriminals could use the data for a variety of fraudulent activities, such as opening bank accounts, applying for lines of credit, or attempting to receive insurance payments, among other illicit activities.

Mitigate risk everywhere

Tracking threat actors and the spaces in which they operate is a key element to an effective threat intel program. Flashpoint intelligence helps our clients disrupt malicious activities across open source, social media, chat platforms, and illicit communities. Learn how we can help prevent fraud from markets like SSNDOB and the hundreds of other like-minded sites.

Begin your free trial today.