Skip to content

What to Do if Your Info Is Found on the Dark Web


If you know anything about the dark web then you know having your information published there is bad news. What exactly is the dark web, and how does your information end up there? What should you do when you find out your info is on the dark web?

What is the dark web and how does it work?

The dark web is the “hidden” part of the Internet that’s not accessible through a regular web browser. The content on the dark web is encrypted and requires special authorization to access. The most common way to surf the dark web is through Tor, a tool which hides IP addresses and locations.

Because the dark web is anonymous, it’s home to a lot of shady or illegal activities — drug deals, arms sales, and worse. The dark web is also the ideal place for criminals to buy and sell identity information, such as credit card numbers, Social Security numbers, medical records, passports, and email addresses. Experian estimates that a SSN can go for $1, a diploma for $400, and a U.S. passport for $1000.

Dark web or deep web?

You may have also heard of the deep web, and it’s important to distinguish it from the dark web. The deep web isn’t sinister, it’s just the part of the Internet that doesn’t get indexed by search engines. Pages that require sign-in or authentication, like online banking dashboards or your Amazon shopping cart are part of the deep web. Experts estimate that the deep web makes up 90% of the Internet.

How did your info end up on the dark web?

  1. Data breaches: Every so often you might hear about a big data breach at a large company in the news. Adobe, Canva, eBay, Equifax, and MyFitnessPal are just a few of the biggest in the last 20 years. When companies get hacked, their users’ information gets stolen. If you have an account or any information saved with a company and it announces a data breach, start securing your passwords and personal data immediately.
  2. Weak public WiFi networks: When you join a non-password protected network, anyone can easily take a peek at what you’re doing on the device you connected with. For this reason, always avoid using public WiFi, even at coffee shops where there’s a password but it’s “coffeeshop1” or something generic and easy to guess. If you absolutely must use public WiFi for whatever reason, always browse with a Virtual Private Network (VPN).
  3. Compromised online security: If you’re visiting an unencrypted website, a hacker can pull a “man-in-the-middle” attack and intercept the information you input on the website. Always visit websites that start with HTTPS instead of HTTP, because the “S” means it’s more secure. If you need to visit a website without the HTTPS protocol, use the HTTPS Everywhere browser add-on from the Electronic Frontier Foundation.
  4. Offline information: Leaving paper bills or statements with your name and address out is also a way to compromise your security. If you have sensitive info printed on paper, always keep it locked up somewhere safe or shred it before throwing it away.

Dark web monitoring vs. dark web protection

Because threats from the dark web have become so prevalent, many companies have started offering dark web monitoring services. Many others will do a one-time dark web scan of your information to see if it’s out there. WhatsUp Gold, Have I Been Pwned?, and Echosec Beacon are all legitimate dark web scanners you can use to check if your information is being shared.

If dark web monitoring comes with your antivirus software or credit card company, it’s important to note that these services only monitor. They do not take any action to prevent your information from ending up on the dark web — that’s your job.

Steps to take regain your privacy

Unfortunately, once your info is on the dark web, there’s nothing you can do to remove it. But you can beef up your personal data security to ensure that anyone who has that information won’t pose a threat to you.

1. What kind of information was found?

How you proceed will depend on the type of information that was found. If it was a credit card number or anything related to your bank, freeze your cards and accounts immediately and contact your bank about next steps.

If it was your driver’s license, contact your local DMV about getting a new card. If it was your passport number, report it to the U.S. State Department. For a leaked Social Security number, contact the Social Security Administration.

If your email address was shared, you should change all the passwords for accounts you have linked to that email address. You might start noticing spoofed emails as well. Alert your email provider right away.

2. Scan your computer for viruses

It’s possible that a hacker may have already compromised your security if they got your info from the dark web. Run a check with your antivirus software on your computer, smartphone, and other devices with operating systems.

3. Change all passwords

If your email was shared, changing passwords is a definite must. But even if it wasn’t your email address that appeared on the dark web, you should still consider resetting passwords for as many of your accounts as you can — especially accounts in which you have payment information saved.

How to protect your data

While you can’t remove your info from the dark web once it’s there, you can take steps to prevent anyone from leaking your identity or personal data in the first place:

Finding out that your info is on the dark web can be scary. As long as you know what’s at stake and how to react, then it shouldn’t cause too many problems for you. And remember, the best cybersecurity defense is always prevention.

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety

Cyberbullying Prevention: What Parents Can Do

It’s very easy for anyone to create a fake online profile and say or do mean things…

[Read More]
Lost iPhone

Lost iPhone? If It’s Missing, Look Up to the Cloud for Help.

Here's an important piece of advice: You need to learn what Find My and can do...

[Read More]
David Cooper founded IPSecure to help provide brand protection online.

Brand Protection: How to Stop Unauthorized Selling of Your Business’s Products

If you sell products online, you’ve probably had issues with counterfeiters and unauthorized sellers. Amazon is a…

[Read More]
Dr. Michele Borba has suggestions to help children reduce stress and build resilience.

Help Your Child Reduce Stress and Become Resilient

One in every three children has been diagnosed with a mental health disorder like anxiety or ADHD…

[Read More]

What Can You Get From Your Search History and Is It Even Worth Downloading?

If we were to broadcast our individual search history, the results could prove confusing, if not downright…

[Read More]

Essential Documents (and Apps) to Take with You When You Travel Overseas

When you book a trip to travel abroad, you feel excited for the adventures that await you….

[Read More]