Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Microsoft Defender sends you an alert...

An alert that your data has been found on the dark web.

...and when you look at the breach details your first thought is "Why would Tailwind Toys have my data? I never shopped there!"

It's fairly common for people to get breach notifications for unfamiliar sites. Let's take a look at a few of the ways this can happen.

It's been a while

In many cases the breach happened years ago, and you may have interacted with that company years before that. Most people who are active online have left their digital fingerprints on a lot of sites that they wouldn't necessarily remember months or years later.

You might not have even bought anything there - perhaps you just filled out an online survey or joined an email list to be contacted with information. Your relationship with Tailwind Toys could have been brief and unmemorable, but the data they saved from that interaction could still have been stored, and subsequently leaked.

It's also possible that you could have filled out a paper form or requested an email receipt when you visited one of their brick-and-mortar stores.

Tailwind Toys was Northwind Traders

Over the years companies get bought or sold, merge with other companies, or just change their names. It's possible that you were a customer of this company, or a company they bought, back when they had a different name.

Your data could have been sold

Data is big business and at many companies it's a large part of their income. It's possible that you never did business with Tailwind Toys, but they bought your data from some other company you did do business with. Then when Tailwind Toys suffered a breach, your data was scooped up too.

A simple typo

If your email address is it's entirely possible that may have simply mistyped their email address once or twice and your address may be getting found in breaches for John's account.

Likewise for phone numbers, Social Security numbers, drivers license numbers or almost any other kind of data. A simple case of rushed typing can result in erroneous data turning up in subsequent breaches.

What should you do about it?

Take a careful look at the data that was breached. If none of it is still relevant to you - or really never was - you can tell Defender to disregard it.

  1. At the bottom of the breach details card select More options.

    The More options menu on a breach details card.

  2. From the list that appears select I don't recognize this info if the data really doesn't seem to be yours, or This info is outdated if the data is old and no longer of concern.

Learn more

Protecting yourself from identity theft online

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!