Other Home Security Products

Frequently Asked Questions about Identity Theft Checker

This article covers some frequently asked questions about the Identity Theft Checker tool.

What information do I get in the breach report?

The breach report notifies you of the following types of information:

Any personal identifiable information (PII) associated with the breach: passwords, credit card details, address, and so on,
The name of the breach,
What company or entity was involved in the breach, and
When the breach took place.

As we value your right to privacy, we do not disclose any details about the exact personal information breached.

What if the breached service is unknown?

Sometimes breached services cannot be revealed or explicitly identified. Combo lists, undisclosed services and data aggregations fall under those types of incidents. In these cases, follow the instructions in your breach report and pay special attention to any suspicious activity in your online accounts.

What happens when there is a data breach and my data gets stolen?

When a data breach happens, it means that cyber criminals access data sources illegally and can get their hands on sensitive personal data. The data can also end up being sold on forums and market places on the deep and dark web. This data may be used for illegal activities such as fraud, identity theft, and blackmail.

If your data has been part of a breach—depending on the scenario, you are advised to take action immediately to prevent cyber criminals from getting further access to your systems or from using your data.

Some tips on what to do:

Act without delay and change any affected passwords.
Contact your bank immediately and cancel any bank or credit cards.
Turn to the relevant authority dealing with online criminality and report that your data has been stolen.

Do I need to give my email address to use the service?

Yes, you do. In most cases, your email address is central to your online identity and any personal identifiable information (PII) stored with the online services you use. Login credentials almost always consist of an email address and password nowadays.

We, therefore, use your email address as a search term or as a piece of information to identify any breaches that have taken place and compromised your data, as well as the online services that you use.

I have not received the breach report by email. What has happened?

We only send you a breach report by email if your email address has been involved in a data breach. If there is no reason for concern, we do not send you an email.

If you have not received an email, check the following:

Your spam folder, and
Your inbox and that it is not full.

Sometimes email providers misinterpret email from certain sources and automatically block email or move it to spam. This may happen due to excess traffic or certain email content.

Due to these reasons, it is always a good idea to try the service again later.

Can F-Secure remove my personal data on my behalf if my data has been part of a breach?

If your personal data has been part of a data breach, this means that your data may end up in databases across the dark or deep web. The issue with retrieving data once it has been compromised is that the data no longer has an owner.

When you sign up for the service, you request that we look—on your behalf—into our database of breach information to identify if your email address matches any data in that database. We use your email address to search various sources across the dark and deep web, but as F-Secure does not own the data, we cannot remove or delete anything.

Why does F-Secure show different results in their breach report to other hack search sites?

This has to do with how data is collected and recovered after a breach. Each company or service has their own way of doing this, which may result in differences in the way breaches and the information associated with the breach are categorized. Hence, the results in the breach report may vary in comparison to other third party vendors.

When does F-Secure find out that a breach has happened?

F-Secure is able to detect breaches and recover data affected by a breach early on. Using automated technologies combined with a human factor, we are able to recover breach data long before that data is made publicly available in places like the dark web.

Each breach is unique and different in nature, which means that the time from when a breach happens to when F-Secure is able to recover the data may vary. Typically, F-Secure is able to recover breach data within weeks from when a breach first occurs, while other means of dark web monitoring may require several months to acquire that same data set.

I have changed those passwords affected by the breach, but the same information shows up in the breach report.

We recover data that has been part of a breach and that has been openly exposed to criminal market places such as the dark web. Our breach report is like a snapshot of the breaches that have taken place in the past. It does not, however, erase your old credentials that were part of the breach at that time.

Changing your password or passwords after a breach has occurred is precisely the right thing to do to combat the threat of identity theft.

However, when you run the report again, it is not possible for F-Secure to know that you have changed your password or passwords. The report can only show the information that is in our database and associated with the breach at the time.

The report shows a data breach that took place a long time ago.

First of all, make sure you are no longer using the same password that was compromised or any variation of that password with any other services. If you have not changed your password or passwords since the breach in the report, this means that your personal identifiable information may have exposed for several years.

How does F-Secure get the information from data breaches?

We get this information from many sources by collecting data sets that have been breached and leaked using multiple techniques. Our primary focus is using a human approach coupled with scanning and monitoring technologies that can access forums on the deep and dark web.

We collect a massive amount of data on a daily basis. Once we have the data, we put it through a rigorous quality-control process to determine its value. This includes sorting the data into file types, types of data, and getting rid of data that is not useful. We may also get duplicate data that we already acquired from a previous breach, so the data also goes through a process to eliminate these duplicates.

Once the data collection and controls are done, we run checks on the authenticity of the data. The final phase in handling this type of data is to transfer the data analysis into the report.