A site where you sign in using your Gmail address has been hit by a data breach. And you're concerned that the compromised accounts may end up on the dark web. But how can you tell if your account was sucked up by the bad guys? One way is through dark web monitoring, and Google is now bringing this option to a lot more people.
Over the next few weeks, Google will expand its dark web monitoring to all Gmail users in the United States and then to international markets, Google Core services SVP Jen Fitzpatrick revealed in a blog post. Currently, the option is available only to Google One subscribers who pay a monthly or annual fee for more storage and other benefits. The greater access means that anyone with a Gmail address in the U.S. will be able to run scans to see if their address appears on the dark web.
Also: Hacked! My Twitter user data is out on the dark web -- now what?
If your account is discovered on the shady underground of the internet, the monitoring service will offer guidance on what steps to take to protect yourself. For example, you'll likely be urged to change your password for the breached website. You may also be prompted to turn on two-factor authentication to thwart any attempts at signing with your hijacked account.
Screenshot by Lance Whitney/With so many data breaches occurring regularly, keeping track of your online accounts can be challenging. If your email address is caught in a breach, attackers may use brute force tactics to try to determine your password, which could then lead them to other information about you. Such personal data often ends up on the dark web being bought and sold by cybercriminals looking to make a buck. That's why dark web monitoring is one way to keep tabs on your accounts.
Fitzpatrick didn't explain how the dark web monitoring would work for all Gmail users. But for Google One subscribers, the current process requires you to sign in to your Google One benefits page. There, you'll find an option for dark web report for which you click or tap the Set up link.
Also: ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways
The next page briefly explains what the feature does. Selecting the Start monitoring button then asks you which personal details should be included in the monitoring, such as your name, email address, date of birth, and phone number. Select any or all of those, and your account will now be monitored.
Once the monitoring has been activated, the summary page of your dark web report will show you the number of times a certain piece of data has been discovered. Drilling down to a specific result then provides more details, such as when the breach occurred, what other info may have been compromised, and what actions you should take in response.