Security company Terbium Labs starts offering limited searches for free.
It's pretty hard to know when your data might have been compromised. Over the last few years, an industry of threat intelligence firms has popped up that offer to monitor criminal forums, paste sites, and Tor hidden services for stolen intellectual property or customer information.
Now, one of these companies is letting anyone monitor the dark web for a limited amount of their own personal information. On Tuesday, Terbium Labs announced it was opening up its "Matchlight" product to the general public, allowing users to keep tabs on five different pieces of info for free.
"This industry is plagued by a lot of secrecy, and a lot of smoke and mirrors, and we want to be the opposite, and show this is the tool we built, this is what it does," Danny Rogers, CEO and co-founder, told Motherboard in a phone call.
Matchlight, at bottom, is a web crawler or "spider" that automatically collects and pools data from sites on the surface and dark web. Through the web interface, users type in whatever information they want to keep tabs on, such as employee email addresses, their own social security number, or credit card details. When that information pops up on a site within Matchlight's coverage, the user receives an alert.
This personal information isn't actually sent to Terbium Labs; the user's browser hashes the search criteria, and then sends this cryptographic fingerprint over to the company's archive of material to check for matches. That way, Terbium Labs doesn't really know what customers are searching for, keeping the user information more secure.
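The hash-then-match flow described above, sketched as an added example (not Terbium Labs' code). SHA-256, the normalisation step, the token splitting and all function names are assumptions, since the article does not say how Matchlight fingerprints data.

```javascript
// Added illustration; the hash choice and all names here are assumptions.
const { createHash } = require('node:crypto');

// Canonicalise so the client and the crawler fingerprint the same bytes.
function normalise(term) {
  return term.normalize('NFKC').trim().toLowerCase();
}

// Client side: only this digest leaves the user's machine.
function fingerprint(term) {
  return createHash('sha256').update(normalise(term), 'utf8').digest('hex');
}

// Crawler side: tokenise collected text and index fingerprint -> sources.
function buildIndex(documents) {
  const index = new Map();
  for (const { source, text } of documents) {
    for (const token of text.split(/[\s,;:|<>"']+/).filter(Boolean)) {
      const fp = fingerprint(token);
      if (!index.has(fp)) index.set(fp, new Set());
      index.get(fp).add(source);
    }
  }
  return index;
}

// Service side: sees fingerprints only and reports where each one appeared.
function match(index, fingerprints) {
  const alerts = [];
  for (const fp of fingerprints) {
    if (index.has(fp)) alerts.push({ fingerprint: fp, sources: [...index.get(fp)] });
  }
  return alerts;
}

// Constructed sample data: one crawled dump, one unrelated page.
const crawled = [
  { source: 'paste-site/abc123 (constructed)',
    text: 'dump: Alice@Example.com:hunter2, bob@example.org:letmein' },
  { source: 'forum-post/42 (constructed)', text: 'nothing of interest here' },
];
const index = buildIndex(crawled);
const watchlist = [' alice@example.com ', 'carol@example.net'];
const alerts = match(index, watchlist.map(fingerprint));
console.log(alerts);
```

A bare hash keeps the watched term out of the service's view, but values drawn from a small space, such as social security or card numbers, remain guessable from their fingerprint, so the fingerprint itself should be handled as sensitive data.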
For surface websites such as Pastebin, the time between a dump and its corresponding alert is minutes, according to Rogers. If the information is published somewhere else, such as on a Tor hidden service, it can take around 24 hours.
Non-paying users can also use Matchlight through the product's API, meaning they can write scripts to monitor for key terms without having to log into Terbium Labs' website. Paying customers get greater access to Matchlight's alerts and monitoring system.
On its website, Terbium Labs claims to have customers that include Thomson Reuters and IBM. But Rogers said part of this release was to attract smaller organisations that might not be able to afford other threat intelligence services.
"There's just a huge number of these smaller breaches that just don't get reported, mostly because they're not interesting to the public at large," he said.