December 26, 2024

Proton Announces Dark Web Monitoring for Credential Leaks

Posted April 22, 2024 at 11:58pm by iClarified · 2372 views
Proton has introduced Dark Web Monitoring for credential leaks for all users with a paid plan. The feature can be found in a new Security Center window in Proton Mail and in your Security and Privacy settings.

Dark Web Monitoring scans hidden parts of the internet for Proton Mail email addresses that have ended up in illegal data markets. If our system detects a breach that affected one of your accounts used to sign up to a third party website, you'll receive a Security Center alert along with actions you can take to mitigate the risk.



How does Dark Web Monitoring work?
Proton's dark web detection continuously scans dark web hubs associated with illicit activities, such as hacking forums and markets, searching databases for emails contained in data breaches that use any of Proton's 19 email domains (for example, @pm.me, @protonmail.ch, etc.) as well as any other information associated with those email addresses (like stolen credit card details, for example). We use our own threat intelligence datasets that are also enriched with data from Constella Intelligence(new window), a leader in digital threat management. No user data is ever shared with third parties, but we do analyze reports from third parties any time they find leaked information or data stolen in a hack from a third-party online service that's tied to a Proton Mail email address or a Proton Pass alias.

Our system will alert you if it finds leaked details of any of your accounts for third party websites. You'll receive comprehensive information about the breach, including what data was compromised and the affected service, if available. Additionally, we explain what you can do to safeguard your digital identity and minimize the risks of future breaches.



Know which accounts needs protecting
Dark Web Monitoring will show all known breaches that have affected your accounts over the last two years. While all breaches carry risks, we highlight the breaches you should prioritize with a red indicator. These breaches require immediate attention, typically to change passwords that were exposed as plaintext or weakly hashed(new window) (for example, using MD5).

Orange notifications show breaches that affected your accounts but where either no password was leaked, or where your password was encrypted or strongly hashed (for example, with SHA256 or bcrypt). Note that these breaches can still expose sensitive personal information.

Future Plans
Proton says it plans to add new features to Dark Web Monitoring including notifications for Android and iPhone, custom domain monitoring, and monitoring of external email addresses.

More details at the link below...

Read More