I just upgraded to Norton 360 and the Dark Web Monitoring was activated for the first time.
I was alerted that my username and password used to login a website (very famous and reputation one for data storage) was exposed 5 years ago.
I did a google search and that company had a data breach around the same time. I did change my password after that breach incident.
The next 2 notifications from the Dark Web Monitoring were related to the same website. It said my username and password (which Norton showed partial password) was found in a list on a dark web in November 2020.
The partial password is the one I used for that website. I did a search and that company didnt have any data breach around November 2020.
Should I start to worry now? I did have two-step verification turned on that account over 3 years ago, so not sure if any damage could have been done if they knew my username and password.
If you are able to see the information in the alerts, you do not need a verification code. The first time I tried to read the information in an alert, some information was masked. That is when I was prompted to request the code. After I received the code and entered it into the Norton site, the information was available to me. And subsequent logins no longer required verification on my email.