What The Free Google Dark Web Report Will Soon Reveal About You

Google is making its Dark Web Report available to the hundreds of millions of users with a free Google account—and that means you will soon learn where your personal data has been leaked online.

Until now, Google’s Dark Web Report has only been available to customers who paid for a Google One account. However, starting from the end of this month, Google is making the service available to anyone with a Google account, paid for or not.

This means hundreds of millions of people will now get a warning when their email address, date of birth, passwords and other sensitive data have been spilled as part of a data breach.

Here’s the type of information the report could reveal about you.

How The Google Dark Web Report Works

To find out whether your information has been part of a data leak, you first need to create what Google calls a monitoring profile.

By default, this includes your name, date of birth and Gmail address. Google also lets you add other information to your monitoring profile, including your postal address, additional email addresses and phone numbers.

Once you enter this information, Google searches for matches in data that has been published on the dark web as a consequence of data breaches.

You’re given an instant summary of how many data breaches your details have been included in, and which type of information was leaked, as shown below.

You can click on each of those categories to find out which specific leaks contained your personal information.

For example, the screenshot below shows a summary of the information that was captured about me as part of the MGM data breach that was exposed last year.

That information isn’t necessarily accurate or up to date, which is why Google masks some of the details.

How To Use The Google Dark Web Report

In truth, there’s not an awful lot you can do if the Google Dark Web Report reveals that details such as your postal address or date of birth have been leaked in an attack. It would be pretty extreme to move just because your address has been leaked, and it’s not like you can change your date of birth.

You can change your email address, and some privacy-conscious people do periodically switch email addresses to improve security and reduce spam. However, given that so many online accounts are tied to an email address, that would at the very least involve a degree of admin as you update accounts to your new address.

It might be wise to use a portable webmail account to register for everyday web services that demand an email address, and then use a more permanent address (perhaps one linked to a domain you own) for more sensitive accounts, such as online banking and government websites.

The big one you must pay attention to and act on immediately is passwords. If the Google Dark Web Report reveals that your password has been breached in an attack, you can click through to see exactly which password was leaked. Google will only reveal a couple of characters from each leaked password for security reasons, but it should be enough to confirm if it was one you used regularly or (worse) across multiple sites.

Make sure to change any breached password immediately. I strongly recommend you use a password manager such as the free Bitwarden to ensure that you’ve got strong, unique passwords on every site you register with, so that if a password leaks from one site, the damage is contained.

How To Get The Google Dark Web Report

Google’s support page says the Dark Web Report “will become available to all users with a consumer Google Account” from late July.

It’s not yet clear where it will appear, but the security section of your My Account page on Google would be a good place to start looking.