The Dark Web. You may have heard the phrase before in commercials, online, and in other media. It sounds ominous and scary which is what it is supposed to do since it is really just a marketing term to evoke those feelings. Many companies advertising about the Dark Web are trying to sell you services for identity theft. But what is it really and why should you care?
The Dark Web is just a small “part” of the Internet that is only accessible using encrypted browsers and its data is not searchable using the usual sites like Google. Because of that, the average person never sees any of the data or sites that reside on the Dark Web. For the most part, it is anonymous which is why stolen information and other nefarious items like guns and drugs are traded and sold there. When there is a data breach, the information is put on the Dark Web quickly to be sold. Most security breaches are not discovered for 9 months; it is disconcerting that the people buying the stolen data know about the breach a long time before the company that has been breached finds out.
The reality is we all have data on the Dark Web. There have been so many major security breaches over the past several years that it is almost guaranteed you have had your data stolen. You can check the site Have I Been Pwned to confirm.
You’ve discovered your data is on the Dark Web so now what?
Well, there is not much you can do. You cannot delete it or get it back. You are basically screwed like the rest of the population.
But you can do something about it going forward….
- Turn on a credit freeze with all of the credit agencies. It is free now so you have no excuse.
- Start using a password manager! Most people use the same username/password for multiple sites. One site gets breached and now all of your sites that use that login are vulnerable.
- Have your company monitor the Dark Web for stolen data. Waident has a tool that can monitor the Dark Web in real-time and let you know what user accounts have been breached including the usernames and passwords. Find out long before it is made public so you can do something about it right away.
- If you really want, you can sign up for an identity theft service. It is really just insurance in case there is ever a big event on your personal data that causes you credit problems.
- Start using multi-factor authentication (MFA) for your websites and other applications.
Questions? Contact us to see if we can help.
