Methodology

In information security, a data breach is an incident in which data held by some party - a person, a company, etc. - is accessed, viewed, and potentially stolen by unauthorized third parties. In layman’s terms, a standard movie hacker accessing a database to steal secret plans would be a data breach.

For our purposes, a data breach means that the intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc.

In the case of a data breach, a data point is a unit of private information. Here are some common data points that can appear in a leak:

• Email address;
• Username;
• Full name;
• Password (usually hashed);
• Gender;
• Country;
• City;
• Coordinates (latitude, longitude);
• IP address;
• Locale;
• Currency;
• Phone number.

If your data has been leaked, you might be at risk of being targeted by cybercriminals. Therefore, you should change your passwords immediately. For additional information on how data breaches could expose you to online threats and how to prevent any damage, check the Data Vulnerability Thermometer.

This tool takes your selected data points and calculates how much this leaked data could put you in danger.

The data collected by our independent partners from breached databases that appear online is aggregated by data points that directly identify a user - more precisely, the email address.

To increase the accuracy of the findings, the combinations of data are sorted based on several parameters:

• Email domain name;
  • Only country-specific domain names like qq.com and similar are used, while international ones are ignored.
• Breached website domain;
  • Only domains of country-specific websites and services are used.
• Country;
• City;
• Coordinates (latitude, longitude);
• IP address;
• Locale;
• Currency;
• Phone number.

For timeline accuracy, our independent partners record the actual time of the breach instead of when it becomes public. Therefore, the numbers in the past can change as new cases are reported.

The data cannot be 100% accurate as there are multiple factors that can distort the full picture:

• Users enter incorrect information - purposefully or accidentally - in registration forms;
• Users may claim to be located in uninhabited locations;
• The IP address location can change from time to time;
• Some products store made-up testing data in their production databases;
• Phone numbers are difficult to validate without knowing the country of origin;
• Currency isn’t a very reliable factor as users can live abroad;
• Foreigners sometimes register on country-specific websites or use country-specific email addresses;
• A device’s locale can be set arbitrarily.

Our independent partners collected loads of user data from breached databases that appeared online.

This allowed us to sort through 27,000 leaked databases and create 5 billion combinations of data. Researchers could then sort those combinations based on specific data points, such as countries, and perform a statistical analysis of their findings.

To calculate the breached accounts per 100 people, the population was taken from the Worldometer website.

No, Surfshark has never had a data breach. The company takes many security measures to mitigate the risk and operates on RAM-only servers, ensuring the privacy of users' data.