Matchlight searches for stolen data on the darkweb

Data theft is a big issue. From the hacking of celebrity photos serious data breaches like the recent hacking of the IRS, unsecured data often ends up in the wrong hands and on the dark net. A new data service, Matchlight, launched last week and claims it can trace the source of a data breach all the way through the underbelly of the internet, the dark web.

Matchlight's goal is to reduce response times to data theft. Matchlight tracks data by creating a unique set of "fingerprints" of the stolen data. The service securely (using cryptographic hashing) sends the fingerprints to its cloud and pairs the fingerprints with a complex web crawler capable of indexing sites on the dark net.

Matchlight co-founder Michael Moore says the crawlers navigate quickly. "We can look inside marketplaces where there may be credentials required — we're accessing the same way humans do, but thousands of times larger." According to the developers, the service is designed to discover a security breach within seconds or minutes.

The developers claim that during an earlier testing phase, in a single day they tracked down 30,000 credit card numbers and 6,000 email and passwords pairs that went up for sale the dark web.

Matchlight creators plan to use their algorithm to prevent future data thefts, as well. By building theft profiles from previous data breaches,

As for the recent IRS security breach that stole the personal information of over 100,000 U.S. taxpayers, Matchlight developers say the whole ordeal could have been prevented–not by better security, but by better tracking of previous big data thefts. In theory, personal data stolen from expansive hacks like Home Depot and Target could have been used to create profiles on taxpayers, granting hackers the ability to penetrate more deeply into IRS records.

Source: ZDnet