GFC team after bike 4k

Explore opportunities to join one of the country’s largest independent business technology providers!



Technical Support
Quick Help


Toll Free: 800.333.5905

Corporate Headquarters:
2675 Research Park Drive
Madison, WI 53711


Elevity Technical

What to Do if Your Information is For Sale on the Dark Web

Paul Hager

The Dark Web celebrates its 20th birthday in 2020. This hidden part of the internet is a haven for hackers because of its anonymity. It’s the perfect marketplace for cybercriminals looking to sell or buy stolen passwords, Social Security numbers, and other sensitive information.

Is Your Data on the Dark Web?

First things first, you need to determine if your email, passwords, credit card numbers, or other sensitive data is on the Dark Web. Thankfully, there’s way to find out without you yourself having to venture into the darkness.

A Dark Web scan or monitoring service will look for your data on key Dark Web services in real time. They’ll report back to you on what they found, if anything. We offer free Dark Web scans for individuals and businesses. It’s super easy to get it done. Just sign up here.

Note that a Dark Web scan does NOT automatically remove your compromised information from the Dark Web. They simply alert you that your info is out there. There’s no Dark Web manager to call to request its removal. It’s up to you to take action from there.

If It Is, Here’s What to Do

So your scan revealed that some of your private information has made its way to the Dark Web. Time for damage control.

Change your passwords. Create new passwords for any accounts that have been compromised. And make sure you’re not using your old, stolen password on any other accounts. It’s also a good idea to change your security questions for the compromised account as well.

Alert the appropriate people depending on what has been stolen:

For credit card or bank account numbers, contact your card issuer or lender. They will help you close the compromised account and open a new one.

For your driver’s license or passport, contact your Department of Motor Vehicles or the U.S. State Department, respectively.

For your Social Security number, report it to the Social Security Administration and the Internal Revenue Service right away.


What About Email Addresses?

So your Dark Web scan shows your email address is for sale. You’re probably thinking: “It’s just my email address. Lots of people already know it. Why worry?” Actually, it’s a big deal for 3 reasons.

  1. If a hacker knows your email address, it’s that much easier for them to break into your account and snoop on the sensitive data within.
  2. A hacker can spoof your email account, tricking others into thinking they’re receiving messages from you.
  3. Many people use their email address as their user ID for logging into online accounts. Armed with your email address, a hacker can crack your logins and start messing around in your accounts.

If ANY of your information appears on the Dark Web – even something as seemingly harmless as your email account – always take it seriously.

If your email address is your user ID for any online accounts, change your ID and passwords right away. And if you notice spoofed emails coming from your address, alert your email provider or IT department.

Keeping Your Data Off the Dark Web

It’s a lot easier and less stressful to not have your data stolen in the first place. Taking these precautions can help you keep your sensitive data out of the hands of hackers and off the Dark Web.

Avoid public or unsecured Wi-Fi. These networks are dangerous because there’s nothing stopping a hacker from breaking into them. A bad guy can easily see what sites you’re visiting and what login credentials you’re using to access accounts.

Use a password manager. Every one of your accounts should have a unique, complex password. A free password manager stores all of those passwords for you so you don’t have to remember them all. It’s a simple, streamlined way to protect your passwords and the accounts they access.

Use two-factor authentication. Always. All it does is create one additional step between entering your login credentials and getting into your account. Typically it’s just entering a code texted to your phone or using your fingerprint. Enabling two-factor authentication means a password alone isn’t enough to access your account. So even if your password falls into the wrong hands, a bad guy can’t get in.

Make a garbage email account. Create a separate email address you can use for logging in to unimportant accounts. If one of these less important sites experiences a data breach, your primary email won’t be the one floating around on the Dark Web. You can simply scrap your secondary account and make a new one.

Monitor your credit. Don’t wait to find out about a data breach on the news. Regularly checking your credit reports can tip you off to identify theft early before the damage becomes too severe.

You May Also Like

These Stories on Cybersecurity

Subscribe by Email