The stolen online identities of more than 600,000 people are reportedly being sold online for £19 .
Hackers who have have tapped into databases, including those belonging to HM Revenue and Customs, have enough information to steal people's digital identities, the Financial Times Has reported.
The report states that this stolen information is valued at a much higher price if it originates from a governmental database.
Dubbed the "crown jewels" of online data, hackers can then sell this information to third parties for around $75.
A Government spokesman told the Financial Times: "We are looking carefully at the level of regulation.
"Every company board should be fully aware of the risk from cyber attack, and be confident that the company has proper security in place.'
The report follows a spate of attacks experienced by telecom giant TalkTalk.
- Talk Talk Cyber Attack: 15-Year-Old Boy Arrested In Northern Ireland
- TalkTalk Account Cyber Attack: What To Do Next If You're A Customer
- TalkTalk Account Cyber Attack: Islamic Cyber Jihadi Group Claim Responsibility
- TalkTalk Account Cyber Attack: Company Receives Ransom Note 'Seeking Payment'
- TalkTalk Account Cyber Attack: Mother Of Two Claims Identity Stolen And Can't Get Through To Company Helpline
The breach in cyber security, potentially affected four million customers around the UK, some of who accused the company of a cover up.
A common pathway for stolen data is for it to end up on the "Dark Web," a virtual market that can only be tapped into using special software.
The going rate for such information is usually dependent on the type of data being sold.
According to 'Dark Matters' the data on sale can take two forms: "dumps” and “CVVs.”
CVV stands for "card verification value," which includes name, the address, the card number while "dump" refers to the information stored on the magnetic strip.
Other popular commodities on this hidden market includes bank logins, PayPal accounts and something known as "Fullz."
"Fullz" refers a victim's full information, which in addition to name and date of birth also represents more detailed data such as driver's license details and mother's maiden name.
Since the TalkTalk cyber attack, the company is yet to confirm how many of its four million customers have been affected, although it did state that stolen information included bank sort codes and account numbers.