Skip to main content

Data doctors: Tips for neutralizing dark web risks

Q: Should I be worried that my personal information is already on the dark web?

A: With data breaches making headlines almost weekly, the reality is simple: If you’ve had an email address for more than a few years, your information has likely been exposed somewhere.

However, exposure doesn’t automatically make you a victim of identity theft. The real danger isn’t a high-tech cyber-heist; it’s automated “password stuffing.”

Criminals take leaked email-and-password combinations from old breaches and use software to test them against hundreds of other websites. If you reuse passwords, a minor breach at a random shopping site can instantly give a hacker access to your financial or tax accounts.

Fortunately, while you can’t pull your data back from criminal forums, you can completely control how useful that information is to a scammer.

Lock down your digital gateway

Start by entering your email address at HaveIBeenPwned.com, a free, trusted service that logs historical data breaches. If you pop up, don’t panic — just change the password on that specific account.

Moving forward, unique passwords aren’t enough. You must activate multifactor authentication (MFA) on every vital service.

Your primary email should be your top priority, if a hacker breaks into your email, they can use the “forgot password” link on your bank or brokerage accounts to hijack your entire life.

For maximum security, switch to passkeys wherever available. These are offered by Google, Apple, Amazon and major banks. Passkeys replace traditional passwords entirely, using your device’s biometrics (face or fingerprint) to log you in. Because there is no text password stored on a company’s server, there is nothing for a hacker to steal in a future breach.

Freeze your credit and alert your bank

If a breach exposes sensitive data like your Social Security number, consider placing a credit freeze. You must contact all three major bureaus individually: Equifax, Experian, and TransUnion. By law, this is completely free. Unlike credit monitoring, which just alerts you after fraud occurs, a freeze locks your file so thieves cannot open new loans or credit cards in your name.

To protect your existing cash, turn on real-time transaction alerts via text or push notification in your banking apps for any purchases. This is especially critical for debit cards. If a criminal attempts an unauthorized charge, you’ll know within seconds and can block the card immediately.

Secure your phone line

Breaches frequently expose phone numbers, putting you at risk for SIM-swapping. This happens when a hacker tricks your mobile carrier into routing your phone number to their device, allowing them to intercept the SMS security codes used for your accounts. Call your cellular provider and request a “Port Freeze” or setup a mandatory account PIN.

Know what to ignore

Once data hits the dark web, it is there permanently. Beware of predatory services promising to “delete your data from the dark web” for a fee. It is technically impossible to force anonymous criminals to delete files. If you ever face active identity theft, head straight to IdentityTheft.gov, the FTC’s free, official recovery portal.

You cannot control whether a corporation guards your data properly, so protecting yourself as best as you can will encourage the hackers to go after easier targets.

The US lags other countries in social media restrictions for kids, but a reform push is growing

Amy Neville describes Kristin Bride as her “soulmate.” But the day that forged their bond — June 23, 2020 — was the worst of each of their lives. Both Bride and Neville lost their teen sons that day. Their kids lived a thousand miles apart and never met, but they both died from harms related to their social media use. When the two mothers met, early in their advocacy work to protect other kids, Bride said she had felt “totally alone.” But they have since seen the online child safety movement blossom, with scores of other parents who lost kids pursuing stronger social media safeguards and legislation to protect children online. With that momentum, advocates say the tide seems to be turning. A pair of landmark jury verdicts this year showed a way forward for holding tech companies accountable. And while the U.S. is nowhere near embracing social media bans for children like those seen from Australia to Indonesia, a push for regulation is simmering again in Congress.
Read Next Story