A leak notice is created when the exact text of one of your identity watchlist items is found in a record leaked in the hacker community.
If the leak matches an email address, you will need to verify that email address before you can see the associated text of the leak.
If the leak matches a free text item (username, phone number, etc), the leak notice determines if there is an email address in the record.
Since digital identities, such as usernames, can be used by multiple people at the same time on different services, we use the email address in the record as the next best unique identifier for the record. If there is an email address in the record, then the leak notice will ask you if you use that email address. If so, you can add that email address to your watchlist, verify the address, and then view the associated text.
By reviewing the source of the record and the associated text, you may be able to narrow down the exact extent that your identity has been exposed. Given the nature of hacker shared information, the exact source may never be known.
You can use the Security Recovery checklist to reduce your cybersecurity risk from the identity leak. When you have completed all of the steps in the Security Recovery checklist, you can mark the identity leak as fixed, as a way to remind yourself that you have already worked through the checklist.
You can also delete the leak notice if after reading the notice, you have determined that the identity in the leak isn’t you, or doesn’t represent a risk to you.