Free Dark Web Report from Experian – Part One

I caught an ad on TV the other night that made me curious.  Experian is offering a “free dark web report,”  ostensibly to see if any of your personal data is for sale on the Dark Web.  Well I don’t really need a test to tell me that.  Since the Equifax breach, I am pretty sure all of us have information for sale on the Dark Web.

Just to be clear, and fair, this is Experian NOT Equifax.  Experian is a competitor of Equifax.  It was Equifax who last year notoriously lost the personal credit information on 145.5 million people in the US, Canada, the UK, Argentina, and God knows where else.

I thought I would give this scan a try anyway, just to see what sort of information they could find.  Feel free to play along.  Just use the links that follow. First to Google, who sent me to the Experian scan page.  I entered my primary email address, and pushed “Start Scan.”  The web page changed to one where they told me that they scan thousands of websites and chat rooms looking for personal information linked to the email address.  The next screen told me to look for an email from them with a link to the report.  This prevents anyone from checking your email address and seeing the results themselves.  As such, a reasonably good security feature.

It took some time, maybe fifteen minutes, and I did receive an email from them.  Unfortunately it was delivered to my SPAM folder, which is fairly common for these sorts of semi-commercial and service marketing emails.  The link in the email took me to a page where Experian had found three occurrences where my information was found on the Dark Web.  They found:

  • A breach on 8-13-2017 on the site.
  • A breach on 6-9-2016 on an unknown or unidentified site. (Not too helpful there…)
  • A breach from 2-17-2014 on

Doesn’t look too bad, does it?  And nothing from the Equifax breach.  So am I in the clear?  Check back with us on Wednesday when we provide some additional answers and options for you.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.