Skip to content

Dark Web Notifications

Yikes! Have I been breached? Quick…What do I do?

If you’ve received a notification or alert regarding your information being found on the Dark Web, it’s important to understand what this means and how to respond effectively.

Now, take a moment to read through this guide that will take you through the steps you should now take to protect yourself and your personal data.

We’ll explain the implications of getting a dark web alert or notifications, what actions you can take to mitigate potential risks, and how to stay vigilant in the future.

Your safety and security are paramount, so let’s get started!

The Dark Web is a part of the internet that isn’t indexed by standard search engines like Google. It exists within a larger network known as the Deep Web, which includes all online content that isn’t accessible through regular browsing. It includes a range of databases, private websites, and password-protected pages. To access the Dark Web, users typically need special software, most commonly the Tor browser, which anonymises their online activity by routing it through multiple servers.

While the Dark Web is often associated with illegal activities—such as the sale of drugs, stolen data, and other illicit goods—it also hosts legitimate content, including forums and services that prioritise privacy. Nevertheless, the Dark Web is a dangerous and risky place where neither you nor your data should be hanging out!

If you have received a dark web notification or alert, it means that your company likely has a Dark Web Monitoring service in place, that is scouring the dark web regularly to look for cases where company information or data comes online on the Dark Web.

If your data is published on the Dark Web, it typically means that your personal information—such as your name, email address, passwords, or financial details—has been compromised and is being traded or sold among cybercriminals. This can happen due to data breaches, where hackers gain access to databases containing sensitive information, or through other means like phishing attacks or unsecured networks.

While finding your information on the Dark Web can be alarming, it doesn’t automatically mean you will become a victim of identity theft.

However, it does increase your risk, making it crucial to take proactive steps to protect yourself. This may include changing passwords, monitoring your financial accounts for suspicious activity, and considering identity theft protection services

Provide below is a list of best-practice IT security steps individuals and IT teams are advised to consider and action in the event that a work account or email address is implicated in a data breach or made available for sale on the dark web.

1.     Report the notification to IT

If you discover via dark web monitoring that your work account has been implicated in a data breach or credentials dump, you should notify your manager and IT immediately. There are technical steps they will need to check, including the access and audit logs to determine if any malicious access has been gained to your account.

2.     Change your password

Immediately change your password to a new, different, more secure password.

Our recommendations are to:

3.     Review the security status of your device

Next, perform or organise a security scan of your devices and ensure all your devices are running

4.     Check your financial accounts

Whilst it is highly unlikely that you will have suffered any financial fall-out from your credentials having been breached or popping up in a dark web alert, it is always a possibility, because unfortunately, the reality is that 85% of people use the same password across services.

If you do use the same password to access your financial services, change that password now, and check your accounts for any suspicious activity.

It is always a good idea to double check your financial account status, because if your credentials were breached via a phishing attack, there is also the possibility that the phishing email delivered keylogging or tracking malware on your device for the purpose of trying to harvest other account log-in details. This is also why performing a device scan, as per step 2. is also wise.

5.     Set up a different email account for non-work purposes

Best practice is, and indeed your organisation’s HR and IT policies may dictate, that your work email account is used strictly for work-related purposes.

If you have previously used your work email address as your username to log into non-work-related services, set up a personal email address for those use cases.

And in future, when you go to sign up for a new service or for access to something, consider whether you should be using your work email address or your personal account instead.

6.     Turn on Multifactor Authentication (MFA) wherever you can

As a rule of thumb, if you can log onto it via the web, it should have MFA in front of it!

Where you have an option to turn on MFA, do that now. Having MFA in place will mean that when you log in in future, you will be prompted to verify your login attempt.

Even if your credentials are breached again in the future, the malicious actor will not be able to gain access your account without access to that final MFA verification step.

7.     Opt out of people search sites and disable old accounts

If you have signed up at some point for professional networking sites that you don’t actively engage with or use, opt out or cancel those profiles.

Likewise, do you still have old accounts out there in the wild? If you don’t use those accounts anymore, but have used the same password elsewhere, make sure you use unique passwords for each and every service going forward and delete any old accounts.

8.     Practice good password hygiene

9.     Be alert to phishing attempts

By far the number-one way malicious actors obtain your credentials to sell on the dark web to start with is via phishing.

You may have received a legitimate looking email, perhaps even purporting to be from someone you know or a service you use, asking you to log in to review a document or pay an account. You unwittingly enter your username and password and then they’ve got you! Best practice it to double check anything you receive via email before actioning it, and don’t login or action via links in any email.

If you have any questions or concerns, feel free to Contact Us anytime.

Wishing you a happy and safe Festive Season. Our offices will be closed from 5pm Friday December 20 and will reopen Monday January 6. Please call 1300 629 786 for Critical Incident assistance over this time.