Your credentials have been compromised on the dark web… What are your next steps?!
The reality is, once exposed on the dark web, your information can’t ever be completely removed or hidden. You cannot file a complaint or contact a support line to demand your data be removed.
You should immediately start taking appropriate steps and measures to correct or minimize the risks and
potential damages associated with this exposed data. Identify, understand and learn from past mistakes or failures and adopt a more proactive and preventative cybersecurity strategy moving forward.
Remediation Tips for Exposed Logins
- Replace exposed login passwords with new, unique passwords.
- Change/refresh any passwords older than six months.
- If the source of the breach is “not disclosed,” change the passwords of any accounts you know you used the same or similar password for.
- If you can’t remember the passwords for all your accounts, change them all. If you want to be safe, you’ll need to update all of your passwords. We know it’s inconvenient, but it’s the only way to ensure your online accounts are secure.
- Password awareness: Many people use the same username and password on multiple websites. If you use the same credentials or a variation of the same password across numerous sites, ensure that the passwords are changed to make them unique.
- Adding $, ! or any other special characters or numbers to a password does not make it unique.
- Don’t use passwords that are easy to guess, such as your pet’s name, spouse’s name or favorite sports team.
- Watch out for phishing emails. We’ve seen a significant increase in phishing attacks against emails that have been discovered on the dark web.
- We recommend keeping an eye on any suspicious activity on your online accounts if the reported compromise does not include a password. Check for suspicious or otherwise questionable emails on a regular basis.
- To keep track of your passwords, consider using a password manager.
- Close unused accounts. If a previous employee’s credential was compromised, double-check if all third-party sites they had access to were turned off.
Comprehensive security solutions are difficult to implement, time-consuming and may require IT expertise that your company lacks. Working with a managed service provider like us can relieve you of the hassle while also providing the peace of mind that you deserve. Contact us to schedule a no-obligation consultation.