Your passwords might be on the darkish net: Find out how to see what leaked after a knowledge breach

Your passwords could be on the dark web: How to see what leaked after a data breach

There are issues you are able to do to guard your self in case your passwords have been stolen.

Angela Lang/CNET

In case your private information has been compromised, you typically will not find out about it till T-Cell, Fb, Marriott, DoorDash, LinkedIn or some other firm you are trusted together with your data notifies you a couple of information breach. By that point your birthday, Social Safety quantity, bank card quantity, well being information or different information can have already been uncovered or stolen. 

Any stolen private data that leads information thieves to your identification can let hackers do every part from making purchases and opening up credit score accounts in your title, to submitting on your tax refunds and making medical claims, all posing as you. What’s worse, billions of those hacked login credentials can be found on the darkish net, neatly packaged for hackers to simply obtain without spending a dime.

Learn extra: 14 of the worst information leaks, breaches, scrapes and safety snafus within the final decade

You may’t cease websites getting hacked, however you possibly can take just a few steps to verify in case your data could also be compromised and to restrict the injury performed from a breach. In case you use a password supervisor that creates distinctive passwords, you possibly can make sure that if one web site will get breached, your stolen password will not give hackers entry to your accounts on different websites. A great password supervisor also can allow you to handle all of your login data, making it straightforward to create after which use distinctive passwords.

After a cyberattack, a few monitoring instruments can provide you with a warning to which of your stolen credentials are out within the wild on the darkish net, providing you with a working begin at limiting the injury the thieves can do. Here is the best way to use two free monitoring instruments — Google’s Password Checkup and Mozilla’s Firefox Monitor — to see which of your e-mail addresses and passwords are compromised, so you possibly can take motion.

Now playing:
Watch this:

Are your login credentials on the dark web? Find out…


How to use Google’s Password Checkup 

As part of its password manager service, Google offers the free Password Checkup tool, which monitors usernames and passwords you use to sign into sites outside of Google’s domain and notifies you if those login credentials have been exposed. (You may remember Password Checkup when it was a Chrome extension you had to add separately to Google’s browser. This is the same tool folded into Google’s password manager.)


Google’s Password Checkup finds a few password problems.

Screenshot by Clifford Colby/CNET

1. If you use Google’s password service to keep track of your login credentials in Chrome or Android, head to Google’s password manager site and tap Go to Check passwords.

2. Tap Check Passwords and verify it’s you.

3. Enter the password for your Google account.

4. After thinking for a bit, Google will display any issues it’s found, including compromised, reused and weak passwords.

5. Next to each reused or weak password is a Change password button you can tap to pick a more secure one.

How to use Mozilla’s Firefox Monitor 

Mozilla’s free Firefox Monitor service helps you track which of your email addresses have been part of known data breaches. 

1. To start, head to the Firefox Monitor page.


Mozilla’s Firefox Monitor identified 4 breaches for this email.

Screenshot by Clifford Colby/CNET

2. Enter an email address and tap Check for Breaches. If the email was part of a known breach since 2007, Monitor will show you which hack it was part of and what else may have been exposed.

3. Below a breach, tap More about this breach to see what was stolen and what steps Mozilla recommends, such as updating your password.

You can also sign up to have Monitor notify you if your email is involved in a future data breach. Monitor scans your email address against those found data breaches and alerts you if you were involved. 

1. Near the bottom of the Firefox Monitor page, tap the Sign up for Alerts button.

2. If you need to, create a Firefox account.

3. Tap Sign in to see a breach summary for your email. 

4. At the bottom of the page, you can add additional email addresses to monitor. Mozilla will then send you an email at each address you add with a subject line “Firefox Monitor found your info in these breaches” when it finds that email address involved in a breach, along with instructions about what to do about following the breach.

How else to watch for fraud

Besides the tools from Mozilla and Google, you can take a few additional steps to watch for fraud.

Monitor your credit reports. To help you spot identity theft early, you request one free credit report a year from each of the three major credit bureaus — Equifax, Experian and TransUnion — to check for unfamiliar activity, such as a new account you didn’t open. (Note that Equifax was itself part of a massive data breach.) You should also check your credit card and bank statements for unexpected charges and payments. Unexpected charges can be a sign that someone has access to your account.

Sign up for a credit monitoring service. To take a more active hand in watching for fraud, sign up with a credit monitoring service that constantly monitors your credit report on major credit bureaus and alerts when it detects unusual activity. With a monitoring service, you can set fraud alerts that notifies you if someone is trying to use your identity to create credit. A credit reporting service like LifeLock can cost $9 to $26 a month — or you could use a free service like the one from Credit Karma that will watch for credit fraud but not ID fraud, such as someone trying to use your Social Security number.

For more on how to keep your data secure, see our guides on how to protect your phone’s privacy, the best VPN services of 2021, and why you should never trust a free VPN.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts