Hackers are selling millions of actual user passwords online, which can be misused to access private and confidential data
Despite significant advancements in cyber security, data breach cases continue to be a major problem. Just a few days back, around 995 crore actual user passwords were leaked online. This dataset can be used to target individual users via a brute force attack to access their accounts. If you are worried about your online accounts, here is how you can know if your password is on sale on the dark web.
How to check for compromised passwords, email accounts?
A data breach can have various types of data stolen. It can be just your name and email, or even your complete profile such as your mobile phone, address, bank account details, etc. Many of the data breaches also involve the user passwords being revealed. To know if your password or other details have been stolen, here are some online resources you can use.
Have I Been Pwned (HIBP): This online resource is a great way to check your stolen email and passwords. You just need to enter your email to know if your email address has been put up for sale. Once you enter your email, HIBP will display all the various sources from where your email address details were leaked. You can also enter your password to know if it has been compromised. There is a 'Notify Me' option as well, which you can use to get notified in case your account gets compromised anytime in the future. Visit this link to know if your password or email has been compromised - https://haveibeenpwned.com/.
Avast Hack Check: This is another great resource to check if your email account or password has been compromised. Just enter your email to know if any of the linked passwords are on sale on the dark web. Avast will also send a detailed report to your email, describing the next steps you need to take to secure your email account. The Report will also show all the sources from where the password was leaked. Here is the Avast Hack Check link to check your stolen passwords - https://www.avast.com/hackcheck.
F‑Secure Identity Theft Checker: This is a great tool to check if any of your personal details have been leaked on the dark web. You just have to enter your email ID, after which a detailed report will be sent to your email ID. The report will show all the websites from where your data has leaked. The type of data leaked such as full name, email address, password, residential address, phone number are also mentioned in the report. Here is the link to check for Identity Theft - https://www.f-secure.com/en/identity-theft-checker.
What to do if your email, password is leaked on dark web?
If you find that your email, password or other details have been leaked online, you need to change your password immediately. Even if the data breach had occurred several months or years earlier, it can still be a threat. Make sure you use a strong password that has a mix of alphabets, digits and special characters. You also need to choose Two Factor Authentication (2FA), wherever available. With these steps, you should be able to secure your email accounts, passwords and other private details.