Proton announces dark web credential leak monitoring

(Proton can now notify users when their information is found floating around the dark web.)

Proton's toolbox is ever expanding. From acquiring other companies like SimpleLogin or Standard Notes to building out features like Proton's Security Center, we have come to expect constant improvements from the Swiss-based company. Now, the aforementioned Security Center sees another update in the form up dark web monitoring.

Yesterday, the company announced a new feature that can notify users when Proton's system detects a breach affecting them and offers suggestions of how to mitigate risk. This retroactively includes breaches from up to two years ago and will include as many breaches as possible moving forward.

“With so many data breaches, including of major websites generally considered safe, protecting your accounts is no longer a question of whether your credentials will leak, but whether you are prepared with additional safety measures in place to prevent damage,” Proton write in their announcement blog post. “Proton offers a robust safety net to protect our community, of which Dark Web Monitoring for credential leaks is just the latest example.”

This feature is possible because of Proton's continuous scanning of dark web hubs known for illicit activities. Some notable sources are various hacking forums and dark web markets.

Proton search for their 19 available email domains to identify affected customers. This does not include Proton Pass and SimpleLogin aliases yet, but it does include custom domains used on your account.

Proton utilize their own threat intelligence datasets mixed with data acquired from Constella intelligence to effectively hunt for these threats and breaches. They also assure none of this information is shared with third parties, though they do admit to ingesting data from other sources to better spot leaked Proton user credentials.

As I previously mentioned, once you are alerted that Proton has spotted your credentials somewhere on the dark web, they will label the severity of the leak and offer suggestions as to what you can do to safeguard your digital identity and mitigate further impact.

The feature is opt-in, and though Proton have plans to include dark web monitoring functionality into their mobile apps in the future, it's currently only accessible via the web and desktop apps.

You'll also need a paid Proton account to take advantage of dark web credential monitoring. So, if you haven't made an account, you can sign up for a free month of Proton Mail Plus at my referral link below and test it out for yourself.

Try out Proton Mail Plus for free

Tags: #News Comments: Discuss...