• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Are Your Company Credentials Exposed on the Dark Web?

September 17, 2020 By Sam Manjarres

The dark web is a collection of anonymous websites that are publicly available, yet hide the IP addresses to make it impossible for users to identify the host. It’s very common that sensitive information made available by data breaches ends up becoming available illicitly for sale on the dark web.

According to the 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses report, 63% of businesses reported an incident involving the loss of sensitive information about customers and employees in the past year.

If you know your company domain has previously been compromised in a public data breach, a dark web report can help you identify if sensitive information such as email accounts and passwords are now vulnerable and potentially for sale on this – often malicious –part of the Internet.

What to do when you realize your company credentials are exposed on the dark web?

  • Reset passwords: Alert your IT department so they can reset passwords company-wide
  • Check for additional threats: plan to conduct a security audit with your IT team to check for additional vulnerabilities that may have occurred due to the data breach or dark web threat.
  • Turn MFA on: If you haven’t implemented multi-factor authentication yet, now is the time. You never know when your employees are part of a new breach. By doing so, you are not only protecting your employee company credentials, but also VPN access, and Cloud applications.
  • Promote internal awareness: If you have evidence that employee credentials were exposed on the dark web, use this as an opportunity to host awareness activities to remind employees of secure practices when it comes to accessing company platforms and information. More importantly, remind everyone to keep work and personal passwords separate.
  • Don’t just search the dark web once: Data breaches happen all the time. Performing consistent dark web searches is recommended so you can act fast in the event that your company domain is exposed.

Remember: when company credentials are stolen by a hacker, there is a high chance they may end up exposed on the dark web, creating greater vulnerabilities as criminals can try to use personal stolen data to access a company’s network and do further harm, including:

  • Installing malware
  • Stealing customer and employee information
  • Stealing intellectual property
  • Transferring funds
  • Deleting files or information
  • Threatening you with ransomware
  • Modifying sensitive information

If you want to find out if your company credentials are exposed, visit our dark web scan website and learn more.

Share This:

Related

Filed Under: Editorial Articles, Uncategorized Tagged With: authentication, authorization, cyber attack, cyber breach, dark web, data breach, multi-factor authentication

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use