Credit and dark web monitoring & Privacy in AI systems

Today's newsletter covers Credit and dark web monitoring & Privacy in AI systems constantly change.

Author

Cassie Crossley
August 18, 2025

In this issue:

  • Credit and Dark Web monitoring - worth it?

  • Privacy in AI systems constantly change

  • Data breaches this week

Credit and Dark Web monitoring - worth it?

A friend asked about credit monitoring services because she had received some emails that her social security number and other information was found on the web. She wanted to know what to do about it.

I've been thinking about it since she asked. I don't have one of the paid credit monitoring services because I have my credit "frozen" (as should you) which I wrote about it this article.

But since the 2017 Equifax data breach of 147 million people's information, and the data breaches that happen everyday, you must assume that your information is out on the "dark web".

The dark web cannot be accessed from Google, Microsoft, or AI searches. It's special forums, Telegram channels, computer servers, etc. where the criminals hang out to exchange details, sell data, and even sell criminal services to other criminals.

Even if a monitoring service found your information there, the service can't do anything about it. So again I stress that you should freeze your credit and reset any compromised passwords because your passwords are permanently on the dark web as found in this data breach of 184 million passwords.

Even though I haven't paid for credit monitoring, I do use the free aspects of Credit Karma and Credit Sesame to monitor my credit. I also have paid for the "Breach Watch" service in my Keeper Security password manager, because it helps me know exactly which passwords have been found on the dark web and tells me which of my accounts is still using the password.

Here are some free ways to see your information on the dark web, if you dare...

  • Google's Dark Web Report: Google offers a free dark web monitoring service for Google account holders, allowing users to add personal information like email addresses, phone numbers, and social security numbers to be monitored. Go to your Google Account, navigate to the Security tab, and then find the Dark web report section. 

  • Have I Been Pwned: This website, run by security researcher Troy Hunt, allows users to check if their email addresses or passwords have been compromised in data breaches, including those appearing on the dark web. Go to the website Have I Been Pwned and enter your email address to see if you've been compromised. 

  • Aura's Free Dark Web Scan: Aura provides a free scan to check if your email address has been exposed in data breaches. Go to Aura's scan page and enter your email address.

I did try the Google Dark Web report and it told me that my social security number and date of birth was part of the "2021 AT&T Subscriber Data Breach" and it was found on the dark web as of March 19, 2024. I haven't had an AT&T account in over 15 years. Thanks, AT&T... I'm so glad my credit is frozen.

So, are credit and dark monitoring worth it? Yes, but you don't need to pay for it. You may find value in a service like Keeper Security's Breach Watch to point you specifically to passwords that you should update.

Privacy in AI systems constantly change

In today's world of AI and the internet, privacy of your information is more important than ever. As I wrote in my ChatGPT article, usually whatever you enter into search can be used for training the AI system unless you tell it otherwise.

More than ever before, you have to be extremely careful because companies change their data privacy settings and rules which means you have to remain diligent.

I just received an email from Google Gemini AI Apps platform about "important updates". The subject line didn't mention that it was concerning data privacy!

I had played around with Google's Gemini AI with thoughts to create a specific application. I don't use it for everyday AI use, but I wasn't sure if it was connected to my regular Google searches (it's not).

Google Gemini added a new "temporary chat" feature that keeps the history for only 72 hours. However, this wasn't the most important thing in the email.

Google proceeds to try to explain some data updates:

It's saying that they are going to use anything I give them to "help improve Googles services for everyone" unless the setting is off. This means our files can be used for training.

Be very careful about the information (searches, photos, files, etc.) you give AI systems. Even if you think it's secure, the privacy and data rules are constantly changing.

Here are the top 5 things to not load into internet search engines, ChatGPT, or any AI platform, unless you want the world to one day know it too.

  • Medical results – even if you remove your name and information, the AI will know it was you that uploaded it unless you do some technical things to hide who you are.

  • Identity information – driver’s license number, social security number, date of birth, address, and phone number. I’ll be doing a future article on how to use services to remove this info from various websites.

  • Financial information – credit card, banking, net worth, retirement, and other financial info should never be uploaded to AI. It gives others knowledge which can be used for scams or fraud in the future.

  • Logins – this seems obvious, but people are using AI to perform certain tasks which means the AI needs to mimic you. Make sure you trust the AI platform to secure your login information if you want to use AI to record online meetings or do your social media.

  • Business information – there are people being fired because they have uploaded confidential information from their companies into public AI platforms like ChatGPT. Ask your company about their AI policy; they may have a private AI platform you can use.

Data breaches this week

Most of the time these will be companies that you don’t have any personal data with, but scan the names to make sure you aren’t affected.

Do you have an idea for a future newsletter? Please reply to this email and let me know.

Thank you so much!

Sincerely,
Cassie Crossley
Founder, Cyber Safe Center
https://www.cybersafecenter.com