A typical assortment of products and services comprises personally-identifiable information, payment card data, credentials, access to compromised systems, distributed denial-of-service, forged documents, credentials, and access to compromised services. Full packages of data that can be used to steal a US victim's identity sell for $4-$10, the researchers say. These are called 'fullz' and include at least the name, Social Security number, date of birth, and account numbers.
Flashpoint estimates "with a moderate degree of confidence in 2019 that the price of cards in card shops likely often ranges between $2 and $20 USD" but it may go as high as $200 in some cases. Although the prices above seem low, one must consider that the seller expects to deliver them in bulk. For instance, someone is offering a huge database of 90 million Brazilian citizens, while others provide entire collections of credentials, suitable for account takeover attacks via credential stuffing.