What can you do about passwords found on the dark web?
passwords are exposed in cyberattacks

What can you do about passwords found on the dark web?

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

As growing numbers of cyberattacks plague the UK and the rest of the world, more and more people are suffering due to passwords found on the dark web.

The dark web consists of areas of the world wide web that are usually accessible with the use of specific software or authorisations. It is where hackers can sell information that has been hacked, and where criminals can go to find information to exploit.

If one or more of your passwords has been found to have been breached, what can you do about it?

Safety first

Before we go into what people can do from a legal perspective for passwords found on the dark web, let’s address what steps you should take to protect yourself.


  • Secure your accounts by changing your passwords immediately;
  • Make sure you use strong, complex passwords that are a combination of letters, numbers, upper cases, and special characters;
  • Do not re-use passwords for more than one account;
  • Consider applying two-factor authentication to accounts or at least automatic notifications of login events;
  • Keep a very close eye out for suspicious activity and check any login audit logs;
  • Speak to companies that are involved and take heed of their advice too.

The last thing you want is for your login credentials to be abused – do the immediate and necessary things to keep yourself safe.

Legal rights for passwords found on the dark web

For passwords found on the dark web, where your credentials have been subject to a cyberattack or data breach involving an organisation, you have rights. What we mean by this is that, if the loss of control of your personal details was caused by your data being stolen from someone else, you may have a claim.

Some easy examples based on some of the dozens of group action cases we represent thousands of clients for:

In these scenarios, information (not necessarily passwords, this is just for example purposes) was stolen from those companies. As a result of the data theft, we believe that the above companies could – and should – have done more to have prevented the attacks from being  successful. For example, Equifax failed to patch a known security vulnerability that was then exploited by hackers. British Airways has been issued with a provisional intention to fine in the sum of £183m as the ICO (Information Commissioner’s Office) confirmed that they could have taken more steps to prevent the attack taking place.

So, when someone else is at fault in cases of passwords found on the dark web, that is when you could be eligible to claim compensation. The GDPR can allow you to receive damages for the distress caused by the loss of control of your personal information, so it is not a case of only being able to claim when money is lost or stolen. On the contrary, most legal cases are for the distress alone, and this can be so substantial that data breach compensation pay-outs are often in the thousands of pounds area.

Legal advice now

You could be entitled to make a No Win, No Fee data breach compensation claim with us today.

As a leading firm of data breach lawyers, we are always happy to provide people with free, no-obligation advice about their options for justice.

Speak to the team here today and we will see if we can support you in any way that we can.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon