After so many data breaches of various companies, medical facilities, retailers, and government agencies, it makes sense to wonder if your information is out there on the dark web, just waiting to be sold to a criminal for identity theft or fraud.
How to Check the Dark Web for Your Information after Data Breach
Some of the information stolen during these breaches includes your full names, date of birth, social security number, phone number, passport ID, driver’s license numbers, email addresses, health information, usernames, bank account numbers, credit card numbers, and passwords, as well as other personal and sensitive information that could hurt you if it falls into the wrong hands.
Hackers and cybercriminals are experts at taking a small amount of stolen information, matching it up with other data, and then being able to open up new accounts in your name, apply for a driver’s license, obtaining loans, credit cards, and mortgages, filing fraudulent tax returns on your behalf, and even committing crimes in your name. The damage they can do with your stolen information is astounding. Some start dark web sites with the sole intention of stealing information and selling it online.
Dark Web Explained
The dark web is an encrypted network of websites that you cannot get to using traditional search engines. You must use a special web browser like the Tor browser to access these sites. These websites can be used for legitimate purposes for journalists to connect with confidential sources, but hackers and thieves also use the dark web to trade and sell stolen data, weapons, and other illegal items.
Before you even receive word from the company that you are a victim in their data breach, your information is already being sold on the dark web in forums used by hackers. These items are valuable and may fetch as much as $200 for a payment account or other financial logins. Things like email addresses, phone numbers, or social security numbers may go for $1-$2 apiece.
Most valuable to hackers are things like your social security number, date of birth, and bank or credit card information. Secondary information like login credentials and even just an email account is helpful too. They can use your phone number or email address to send you phishing texts or emails and try to get you to click links that infect your computer or mobile device so they can take over, spy on you, and steal even more from you.
To be clear, the dark web is not to be confused with the “deep web,” which is a part of the regular internet but is not accessible by search engines. However, you can access these things, and they may include your bank account login, health insurance apps, or another private area that you are required to log in first to access.
How to Find Out if my Information is on The Dark Web
There are various companies that offer to do a dark web scan for you. These services usually charge a fee, but they scan the entire dark web looking through forums, leak websites and databases for any information that matches your personal data. Although helpful, these scans may not find everything that is out there about you.
There are also fantastic search tools like InfoTracer and IDStrong where you can scan not only the dark web but social media, public records, and dozens of other sources to see where your exposed information shows up all over the internet. You can also sign up for dark web scanning and monitoring and receive notifications if your information suddenly shows up there.
How To Protect Your Information
Although it is impossible to prevent your information from being stolen in a data breach from the companies you do business with; there are things you can do to protect yourself before and after a data breach. Some cybersecurity tips to keep your private information safe include:
- Sign up for dark web monitoring with a good identity theft monitoring service.
- Invest in a password manager to create long, hard to hack passwords for all your accounts.
- Never reuse passwords on multiple accounts - hackers can steal your logins using credential stuffing if you do.
- Always turn on two-factor authentication whenever possible.
- Never click links in email or text messages.
- Consider investing in a VPN to mask your online activities, hide your IP address and keep your browsing safe.
- Use good antivirus/anti-malware software to keep your devices safe.
- Always be on the lookout for scams and any criminal activity.
- When browsing online use a more secure and private browser.
- Never share your login credentials with anyone.
What to Do if You Have Been in a Data Breach and Your Information is Exposed on the Dark Web
Most Americans have been exposed by a data breach, and some of their information will be out there on the dark web. If it happens to you and you confirm that your information is at risk, follow these steps:
- Change all your passwords immediately.
- Contact your bank, debit card and credit card companies to alert them to potential fraud.
- Contact the three credit bureaus (Experian, TransUnion, Equifax) and put a credit freeze on your account.
- Monitor all bank and credit card statements, looking for suspicious activity.
- Get a copy of your credit report and check it for accuracy.
- Sign up for credit monitoring with a good company and let them keep an eye on things. You will receive alerts if anything happens that you did not authorize.
These days it is imperative to remain vigilant and protect your private information against identity thieves. It’s not always easy to catch illegal activity with your online accounts before it happens but well worth the extra time and trouble if you can.