People always ask me what hackers do when they are able to obtain our personal information, including our Social Security numbers. There are many things hackers use our information for, some of which include filing false tax returns in our name to obtain fraudulent tax refunds, opening up new credit card accounts and other credit accounts to buy merchandise, opening new bank accounts or trying to get into our bank accounts and steal our money, using a stolen credit card account or using stolen passwords to get into online accounts. Or they just sell it on the dark web to others who will use it for similar fraudulent purposes.
Just because we have been the victim of a data breach doesn’t mean we will become a victim, although it is prudent to protect yourself if you have received notice that your personal information has been compromised.
So how do you find out if your information is for sale on the dark web?
A security researcher from Australia named Troy Hunt has searched the dark web and other sources to assemble and develop a repository that contains the identities of billions of individuals whose personal information has been stolen and is being sold. And he lets people search his website without charge to determine whether their information is being sold on the dark web. The website is Have I been Pwned? He has collected information of 4.8 billion people.
The term Pwned is a gaming term that means “utterly defeated,” which is how we all feel after a data breach. Anyone can use his site to search whether their information has been exposed by using their email address, and also can also subscribe to his alerts when records do appear on the dark web.
In this day and age of massive data breaches, although many of us believe our information “is out there,” this is one tool for identifying whether personal information is being sold on the dark web.