Being notified that your information has been found in a data breach or on the dark web, as its name suggests, shouldn't be taken lightly. It's likely not an occasion to full-on panic, but it probably suggests some next steps. You were smart to employ an identity protection provider to monitor the dark web for your credentials and alert you if they found anything. But, now they found something.

So, now what?

What should you do?

What is the dark web anyway?

We've put together this handy guide to help you understand the basics of the dark web, dark web monitoring, and what you should consider doing next to better protect your identity.

What is the dark web?

The dark web is part of the internet that isn't visible to search engines. Accessing the dark web requires a special web browser that hides the identity of all users and all organizations. The dark web includes areas with websites, chat rooms, and other forums known for trafficking stolen personal and financial information for compromised credentials including Social Security numbers and email addresses.

Can I remove my information from the Dark Web?

No. Because of the anonymous nature of the dark web, there is no way to search and find all possible organizations with your personal information or to hold anyone accountable for removing it.

I received a Dark Web alert — what should I do?

While you can't remove your credentials from the dark web, knowing what information was compromised can help you take action to better protect yourself from future identity theft and fraud.

• If your exposed information includes credit/debit card or account information:
  • You should consider canceling your credit or debit card and adding additional security such as 2-factor authentication.
  • Multi-factor or two-factor authentication requiring an extra code or physical key for login can make it harder for scammers to successfully login to an account even if they manage to steal a username and password combination.
  • You should also be on the lookout for new alerts and regularly check your credit reports and financial accounts for any unrecognized transactions. Consider placing a credit lock or freeze, or adding fraud alerts to your credit reports to help keep identity thieves from opening new accounts in your name. Don't worry, if you're opening a new account or applying for a loan, you can unlock your credit report at each credit bureau for a credit check.
• If your exposed information includes a password:
  • You should consider changing your password and adding additional account security if your email address or login credentials were associated with a data breach. Where available, you can add security such as 2-factor authentication to your accounts. Avoid using the same password across multiple accounts, and consider a password manager to help keep track of unique passwords. Utilizing a password manager can help you generate, manage, and store distinct and complicated passwords.
  • As always, be on the lookout for new alerts and regularly check your credit reports and financial accounts for any unrecognized transactions.
• If your exposed information appears to be only an email address:
  • While you may have no immediate action, you now know to be on alert for any unrecognized transactions, suspicious emails, and notices of account login attempts. Criminals have one piece of information that, when coupled with additional PII or a password, can help open access to your live online accounts like bank accounts, social media profiles, and other online memberships. They may attempt to gain more of your information through schemes like phishing and social engineering. If you are prone to using the same password across multiple accounts, consider using a password manager to generate and keep track of unique passwords.

My Social Security number (SSN)/Driver's License number/Passport number was found exposed on the Dark Web — what should I do?

• For a stolen Social Security Number, we recommend you start by filing an FTC report on identity theft at https://identitytheft.gov/.
• For a stolen Driver's License number, we recommend you start by contacting the nearest DMV to request a replacement driver's license and also filing an FTC report on identity theft at https://identitytheft.gov/.
• For a stolen passport number, we recommend that you report your passport as lost or stolen at https://travel.state.gov/content/travel/en/passports/have-passport/lost-stolen.html and also filing an FTC report on identity theft at https://identitytheft.gov/.

An identity thief with a stolen identification number may look for a quick payout through getting access to your credit, financial accounts or government benefits such as unemployment claims fraud. We recommend adding a credit lock, credit freeze, or fraud alerts to your credit reports, staying on the lookout for new alerts, and regularly checking your credit reports and financial accounts for any unrecognized transactions.

I received a notification from another company that my information was exposed through a Data Breach — what should I do?

Like the above examples, the answer depends on what personal information this company might have in their records — for example do you have an account login? Does the company that was breached have your Social Security number or medical login?

If you set up an account with a login with the company that was breached, we recommend that you reset your password for this account using a password manager and where possible add additional account security — for example 2-factor authentication. You should also reset your password for any other account where you have used the same or similar password.

Since the identity thief likely has not only your email address but possibly other credentials, we recommend adding a credit lock, freeze or fraud alerts to your credit reports, staying on the lookout for new alerts, and regularly checking your credit reports and financial accounts for any unrecognized transactions.

For more on how to best generate strong passwords and keep them safe check out “Do’s and Don’ts to Improve Password Best Practices”.