Data Breaches and the Dark Web: The Danger of a Single Password

With the rise of technology in the past decade, many companies have fallen victim to data breaches. A data breach is an event where any amount of data that a company is supposed to keep private or secure becomes widely available. This event can occur any number of ways: A company may be hacked or accidentally make sensitive data available—even a single, unaccounted-for company laptop poses a risk.

The Details of Data Breaches: Compromised Data

The compromised data in these breaches is often either personal information about a company’s employees or customers or, as recent breaches have illustrated, usernames and passwords that access a certain website or service. Any company that experiences a data breach can—and should—quickly notify all the affected individuals so that they may update their passwords and reduce the risk of any unwanted access occurring.

However, many users tend to use the same password for multiple websites and services, so updating that single username or password may fail to avert the risk a data breach imposes. Since many websites and services use your email address as a username, any database of usernames and passwords becomes a launching point for unauthorized access to many websites and services.

From Databases to the Dark Web: Bad Actors and Credential Stuffing

Databases of usernames and passwords are often sold or freely distributed for download on the Dark Web. The Dark Web is the name given to sites on the internet that exist on dark nets and require specific web browsers, configurations, or authorization to access. An important aspect to know about the Dark Web is that, by design, purchases that take place there are incredibly hard to trace. If someone wants to buy a database of usernames and passwords while ensuring the transaction remains anonymous and untraceable, the Dark Web is where they go. And, unfortunately, most purchasers of these databases intend to use the data for illegal purposes and personal gain.

Once a purchaser, known as a “bad actor”, has a database of hundreds, thousands, or even millions of usernames and passwords, they may attempt something known as credential stuffing. Credential stuffing is an automated process that uses compromised username and password combinations to log into hundreds of websites. These websites could be email services, social media sites, enterprise applications, or even financial institutions. If this bad actor can find a website that grants access based on a username and password, it requires minimal further effort to attempt to log in with any or all of these usernames and passwords compromised by a data breach.

This first attempt at credential stuffing will usually have a very low chance of success because passwords are changed regularly; Many services require users to change their password often. However, the bad actor can look at passwords that failed and potentially guess what the correct password would be. Suppose a bank had a data breach last year that included a user’s email address and their password: ForestGreen2019.  The bad actor could simply try the password ForestGreen2020 with the same username, and they would have access to the account, even though that user’s current password was technically secure. Once again, it requires very little effort for the bad actor to automate combinations of the usernames and updated passwords. 

Dark Web Monitoring: How We Help You Keep Your Data Safe

This is where Dark Web Monitoring comes in. The type of Dark Web Monitoring offered here at Element Technologies can help protect your company from the type of cyberattack described above.  Dark Web Monitoring searches all known data breaches for a specific email address—or an entire email domain—and informs you of how often that email address appears on the Dark Web with any given password. This gives you the opportunity to update any online accounts that use that email address and password combination before your data becomes compromised. As new data breaches occur, Element’s Dark Web Monitoring keeps an eye on the Dark Web so that we can warn you as quickly as possible if a username and password ever reappears.  

Dark Web Monitoring is a fantastic tool to protect you and your company from unwanted access or attacks that may occur due to a single compromised password. For more information on the cybersecurity services Element Technologies offers (or to request a free Dark Web scan), check out our website at ele-ment.com or give us a call at (612) 876-5432.