Learn more about how Attack Surface Risk Management monitors for your organization's data leaked on the dark web.
Cybercriminals phish users and exploit vulnerabilities in websites, databases, networks,
and
web apps to gain access to confidential data, such as user credentials. These data
are then often
traded or sold on underground online platforms, commonly known as the dark web.
Trend Micro specialists constantly monitor the internet,
particularly the dark web, for leaked and breached data. Once such data is identified,
it is
validated and ingested into Attack Surface Risk Management. When
you register a domain in Trend Vision One, a scan is performed to
verify whether the domain users' data have been compromised by a leak — with historical
data back
to 2010. Afterward, Attack Surface Risk Management performs
additional scans on a weekly basis.
In Operations Dashboard, data leaks are represented by the
Leaked Account Identification risk event. The following items can be listed in the
compromisedFields field, which indicates the types of data were compromised in the
leak:
|
Data type
|
Description
|
|
name
|
Name
|
|
surname
|
Surname
|
|
fullname
|
Full name
|
|
dob
|
Date of birth
|
|
ssn
|
Social Security Number (US), or Número de Afiliación de Seguridad Social or Número
de
Usuario de Seguridad Social (Spain)
|
|
nid
|
National Identification Number (Europe)
|
|
sin
|
Social Insurance Number (Canada)
|
|
passport
|
Passport number
|
|
tax_id
|
Tax identification number
|
|
driving_license
|
Driver's license number
|
|
address
|
Full address
|
|
city
|
City of the address
|
|
state
|
State of the address
|
|
zip
|
Zip code of the address
|
|
country
|
Country of the address
|
|
phone
|
Telephone number
|
|
telephone
|
Telephone number
|
|
email
|
Email address
|
|
username
|
Username
|
|
password
|
Password
|
|
insurance_provider
|
Insurance provider
|
|
insurance_account
|
Insurance account number
|
|
medical_info
|
Medical insurance account number
|
|
bank_account
|
Bank account number
|
|
iban
|
International bank account number
|
|
credit_card
|
Credit card number
|
|
mother_name
|
Mother's maiden name
|
|
domain
|
Email domain
|
|
company
|
Company name
|
 |
Tip
|