Passwords on the dark web after the T-mobile breach? How to check what has been disclosed


There are things you can do to protect yourself if your passwords have been stolen.

Angela Lang / CNET

Has your information been stolen as part of the T-Mobile hack this month? According to T-Mobile, the attack exposed the personal data of more than 13.1 million current customers and 40 million former or potential customers, including names, dates of birth and social security numbers. That’s over 50 million customers of T-Mobile and its prepaid Metro network who may have had private information exposed.

Any stolen personal information that leads data thieves to your identity can allow hackers to do everything, make purchases and open credit accounts in your name, claim your tax refunds, and make claims. medical, while pretending to be “you”. Worse yet, billions of these hacked login credentials are available on the dark web, neatly packaged for pirates to download easily and free of charge.

No financial information, account numbers or passwords were stolen, the company said. You can’t stop hacked sites, but there are a few steps you can take to check if your information may be compromised and to limit the damage caused by the violation. If you use a password manager that creates unique passwords, you can make sure that if a site is hacked, your stolen password will not give hackers access to your accounts on other sites. A good password manager can also help you manage all of your login information, making it easy to create and use unique passwords.

After a cyberattack, a few monitoring tools can alert you to stolen credentials that are found out in the wild on the dark web, giving you a good start in limiting the damage thieves can cause. Here’s how to use two free monitoring tools – Google’s Password Checkup and Mozilla’s Firefox Monitor – to see which email addresses and passwords are compromised, so you can take action.

Now playing:
Check this out:

Are your login credentials on the dark web? To find…


How to use Google password verification

As part of its password management service, Google offers the free Password Checker Tool, which monitors the usernames and passwords you use to sign in to sites outside of Canada. Google domain and notifies you if this login information has been exposed. (You may remember Password Checkup when it was a Chrome extension that you had to add separately to Google’s browser. It’s the same tool built into Google’s password manager.)


Google’s password check detects some password issues.

Screenshot by Clifford Colby / CNET

1. If you use Google’s password service to keep track of your login credentials in Chrome or Android, go to the Google Password Manager site and tap Go to Check Passwords.

2. Faucet Check passwords and make sure it’s you.

3. Enter your Google account password.

4. After giving it a little thought, Google will display all the issues it finds, including compromised, reused, and weak passwords.

5. Next to each reused or weak password is a Change Password button you can press to choose a safer one.

How to use Mozilla Firefox Monitor

Mozilla’s free Firefox Monitor service helps you find out which of your email addresses have been in known data breaches.

1. To get started, go to the Firefox Monitor page.


Mozilla’s Firefox Monitor has identified 4 vulnerabilities for this email.

Screenshot by Clifford Colby / CNET

2. Enter an email address and press Check violations. If the email was part of a known violation since 2007, Monitor will show you which hack it was a part of and what else may have been exposed.

3. Under a breach, press Learn more about this violation to see what was stolen and what steps Mozilla recommends, such as updating your password.

You can also sign up to have Monitor notify you if your email is involved in a future data breach. Monitor analyzes your email address for data breaches found and alerts you if you have been involved.

1. Near the bottom of the Firefox Monitor page, tap the Subscribe to alerts button.

2. If you need to, create a Firefox account.

3. Faucet Log in to see a summary of the violation for your email.

4. At the bottom of the page, you can add additional email addresses to watch out for. Mozilla will then send you an email to each address you add with the subject line “Firefox Monitor found your information in these violations” when it finds that email address involved in a violation, along with instructions on how to do so. follow after the violation.

How else to monitor fraud

In addition to tools from Mozilla and Google, there are a few additional steps you can take to monitor fraud.

Monitor your credit reports. To help you spot identity theft quickly, you request one free credit report per year from each of the three major credit bureaus – Equifax, Experiential and TransUnion – to check for unknown activities, such as a new account that you have not opened. (Note that Equifax was itself part of a massive data breach.) You should also check your credit card and bank statements for unexpected charges and payments. Unexpected charges can be a sign that someone has access to your account.

Sign up for a credit monitoring service. To more actively monitor fraud, sign up for a credit monitoring service that constantly monitors your credit report on major credit bureaus and alert when it detects unusual activity. With a monitoring service, you can set fraud alerts that notify you if someone tries to use your identity to create credit. A a credit reporting service like LifeLock can cost anywhere from $ 9 to $ 26 per month – or you can use a free service like that of Credit Karma who will monitor credit fraud but not identity fraud, such as someone trying to use your social security number.

Find out more about how to secure your data, see our guides on how to protect the privacy of your phone, the best VPN services of 2021, and why you should never trust a free VPN.


Leave A Reply