By coincidence, I happened to be combing through the not Evil search engine this afternoon and came across some of my own data on a dump from 2017.
Specifically, the dump consisted of the usernames, email addresses, and passwords (in hash form) from the Blackbook social network. Here’s the full dump if you need to take a look at it: http://www.atlayofke5rqhsma.onion/upload/files/2017/11/CmCMlwr55bCSWPnVrT4q_25_1e59ca3519ecae65151ea5951b068c3d_file.txt
I immediately changed the password on my associated email address (which I do occasionally anyway). I would’ve changed my Blackbook password as well, but the original site no longer exists. Granted, this data dump is over a year old, and I hadn’t used Blackbook in ages. Still, it has to make you a little paranoid, right?
Just the fact that this happened makes me extra paranoid about using “social media” on the dark web at all, as these kinds of things happen frequently. Most forums and social networks, however, require you to register with a username, password, and sometimes email address in order to join.
Your best bet, I suppose, would be to use a temporary email address, or at least one that isn’t associated with your other accounts. This also got me wondering – what happened to Blackbook? Well, at the original URL, there was a link to a new social network, called Connect. I haven’t joined this one yet, but I plan to, at least temporarily, to see what it’s about.
For the rest of you, readers, check that link and see if your info is in there, just in case. And when you join any social network, be aware of whether or not it’s part of a data breach, and at least don’t re-use the same passwords on it.