Google One subscription service: Monitoring your personal details on the Dark Web

isotope729 · 21st December 2023, 16:34

Quote:

Originally Posted by CarNerd

So first they leak our data.

Often it is unintentional, some security vulnerabilities exist that aren't found quickly enough. In other cases it can be the users themselves. How many of us send our confidential information such PAN card photos through WhatsApp or unsecured/unencrypted email for genuine reasons? That's a problem. In many cases, it can be vulnerability found later in the IT system that finds it way to the dark web. Not an infosec professional, but have tackled IT security throughout my career. Its the small things that add up. I know in my field information security is taken at first priority due to the nature of the business.

Its also not limited to digital information, how many of us know secrets or confidential information that was passed along in smoke and coffee breaks at our workplaces? Its not always intentionally leaked but overheard.

libranof1987 · 21st December 2023, 16:46

Quote:

Originally Posted by kiranknair

Surprised that some of the breaches are from prominent apps like Dunzo and BigBasket.

Slightly OT but related since BigBasket seems to have given away your personal info.

A tip that I'd got long back, when e-commerce was very nascent and not every product/service was online, was to provide incorrect personal / identifying information wherever it was not necessary to establish identity.

Eg. when providing DOB on say Uber or Dunzo or even Gmail or Swiggy, don't enter your actual DOB but a random date. But do remember this date, so retrieval of the account is possible. The DOB is one of the main inputs necessary for any KYC verification so if scammers have access to that, they may be able to try resetting your password for an important account (say, a Bank account).