The number of breached companies remains high – but fewer users are affected. However, with the information of nearly two-thirds (62%) of Dark Web Monitor users still available on the dark web, the risk of data theft is as high as ever. In this article, we’ll explore all this in more detail and recommend ways you can protect your data.
Let’s start by defining NordVPN’s Dark Web Monitor and how it protects user account safety.
Dark Web Monitor is a cybersecurity feature that runs in the background to help you prevent hackers from exploiting user account information leaked to the dark web.
It scans the dark web for leaks of the email address associated with your NordVPN account and alerts you if and when a leak is detected.
Once you receive an alert, you should immediately take action to protect your information (like securely changing your password on the affected account).
To understand the changing landscape of data breaches and cyberattacks, we’ve looked at the topline data of Dark Web Monitor. Here’s what the data shows.
Please note: the data referenced only includes breaches with a known incident date (about 7%). The number of data breaches registered by Dark Web Monitor annually is much higher.
According to the Dark Web Monitor data, the number of breached companies per year remains high. The chart below shows breaches increased between 2012 and 2018, with a slight decrease in 2018.
In 2020, the number of breached companies reached a peak at 350. While it is difficult to know the exact reasons why 2020 resulted in so many attacks, it could potentially be linked to the domination of the Coronavirus and COVID-19 scams that year.
Looking at the past two years, the number of attacks on companies hasn’t decreased. However, most of the breaches affected fewer than a million users, potentially because hackers have started targeting smaller companies.
Despite the high number of data breaches in 2021 and 2022, the Dark Web Monitor data shows that the number of leaked data per incident has decreased since 2020.
NordVPN looked at leaked records per incident. Compared to 2020, the number of leaked records per incident dropped significantly in 2022.
Let’s illustrate this trend with a few recent examples. Several big, well-known companies experienced data breaches in 2022, with relatively few users affected.
NordVPN has also uncovered a shocking statistic: 62% of Dark Web Monitor users still have their personal data on the dark web. These users have received alerts urging them to safeguard their accounts.
Ignoring Dark Web Monitor alerts means your information remains on the dark web, exposing you to serious privacy and security threats.
If you’re unsure how to check for Dark Web Monitor alerts or what to do when you receive them, read this article on using the Dark Web Monitor feature.
We’re seeing this shift for several reasons. Let’s go over those in a little more detail.
Companies are doing more to protect customer data, such as using end-to-end encryption for computers.
Businesses are also adopting more cloud security tools allowing them to encrypt data before uploading it to the cloud, monitor end-points, and rank data per risk level.
These practices could be why smaller companies are more affected by data breaches, with larger organizations having more resources and funds they can dedicate to advanced cybersecurity.
Ransomware attacks are an easier way to monetize stolen data. Thus, instead of selling it on the dark web, hackers demand that the breached company pay a large sum to retrieve it.
Several large ransomware attacks have taken place over the years, with the Colonial Pipeline incident being one of the most significant ones. You can read more about it and several others in this post on the worst ransomware attacks of 2021.
Fewer people are using email addresses and passwords to log in, with more logging in with their Google or Facebook accounts. Doing so provides fewer interception opportunities as both Facebook and Google have strong security standards.
MFA adds an extra layer of security to online accounts, requiring users to verify that they made the login attempt, not someone else. With more users choosing to enhance their account security with MFA, fewer data points end up on the dark web.
Instead of purchasing user login details, criminals can now buy bots that include cookies, digital fingerprints, and forms. Doing so gives them more information about the user, making it easier to access their accounts.
If hackers gain access to user data during a data breach, they can use it in many ways:
While companies must do most of the work to keep your user data safe, you can also take steps to safeguard your account information.
One way to do so is by turning on NordVPN’s Dark Web Monitor. Use it regularly for good digital hygiene — and receive an alert if your data appears on the dark web so you can immediately take action.
Here’s how to enable it on your NordVPN account for continuous monitoring:
The data above comes from the Dark Web Monitor feature and only includes breaches with a known incident date. Therefore, it doesn’t reflect the actual number of breaches registered by the Dark Web Monitor in the years listed.
Dark Web Monitor only detects breaches that end up on the dark web. Other breaches occur, but hackers may ask for ransoms and not publish user data on the dark web.
The data mentioned in the article only includes active Dark Web Monitor users. NordVPN looked at the number of leaked email records of active DWM users.
Want to read more like this?
Get the latest news and tips from NordVPN.
We value your privacy