Free Dark Web Report from Experian – Part One

I caught an ad on TV the other night that made me curious.  Experian is offering a “free dark web report,”  ostensibly to see if any of your personal data is for sale on the Dark Web.  Well I don’t really need a test to tell me that.  Since the Equifax breach, I am pretty sure all of us have information for sale on the Dark Web.

Just to be clear, and fair, this is Experian NOT Equifax.  Experian is a competitor of Equifax.  It was Equifax who last year notoriously lost the personal credit information on 145.5 million people in the US, Canada, the UK, Argentina, and God knows where else.

I thought I would give this scan a try anyway, just to see what sort of information they could find.  Feel free to play along.  Just use the links that follow. First to Google, who sent me to the Experian scan page.  I entered my primary email address, and pushed “Start Scan.”  The web page changed to one where they told me that they scan thousands of websites and chat rooms looking for personal information linked to the email address.  The next screen told me to look for an email from them with a link to the report.  This prevents anyone from checking your email address and seeing the results themselves.  As such, a reasonably good security feature.

It took some time, maybe fifteen minutes, and I did receive an email from them.  Unfortunately it was delivered to my SPAM folder, which is fairly common for these sorts of semi-commercial and service marketing emails.  The link in the email took me to a page where Experian had found three occurrences where my information was found on the Dark Web.  They found:

  • A breach on 8-13-2017 on the Daniweb.com site.
  • A breach on 6-9-2016 on an unknown or unidentified site. (Not too helpful there…)
  • A breach from 2-17-2014 on Forbes.com

Doesn’t look too bad, does it?  And nothing from the Equifax breach.  So am I in the clear?  Check back with us on Wednesday when we provide some additional answers and options for you.

 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.