How to set up Data Breach Scanner for NordPass business

Introduction

Business Data Breach Scanner monitors all email addresses under your company domain to help you detect and respond to data exposures quickly. Once configured, it tracks your entire domain—for example, monitoring acme.inc would alert you if addresses like john.smith@acme.inc, ceo@acme.inc, or finance@acme.inc appear in dark web breaches.

Note: You can add only 1 domain for breach monitoring. If you’d like to add more, please contact our sales team at sales@nordpass.com.

This guide explains how to set up the Data Breach Scanner for NordPass Business to monitor whether any company email addresses under your domain have appeared in known data breaches.

Before you start

A domain host is an internet service that manages your domain name, such as 'www.example.com'. 
Domain hosts use Domain Name System (DNS) records to connect your domain name with email, websites, and other web services. 

If you don’t know your DNS provider, check your domain host via GoDaddy, NameCheap, Google Domains, or try using MXToolbox (select DNS lookup) and enter your domain.

Here's what to do

1. Navigate to the Admin Panel for Business as an organization's owner.
2. Next, select the "Settings" button located on the left side, and click on the "Admin Panel" button.
3. Click on the "Data Breach Scanner" button and select the "Add Domain" button.
4. In the new window, enter the domain name you want to monitor and click on the "Save" button.
5. Copy the exact generated DNS TXT snippet.
6. In your domain’s DNS configuration, create a new TXT record and paste the snippet as the TXT value.
   
   Note: The TXT record must contain only the NordPass verification code. If the TXT record value contains anything else, verification will fail. If you must, create a new TXT record. Enter “@” as the hostname or leave it blank.
    
7. Optionally, manually check if the TXT entry was added correctly using a DNS lookup tool (for example, ViewDNS). Enter your domain and confirm that the NordPass verification code appears under the TXT records.
8. After the TXT entry is added, NordPass will periodically check it in the background and notify you by email when verification succeeds or fails.
9. Wait for verification to complete. DNS TXT verification usually takes minutes, but in rare cases, it may take up to 72 hours, depending on your domain host.
10. If you lose your DNS TXT record, you can view it again by selecting the "Three-dots" button next to your chosen domain and selecting the "Show details" button. 
11. Additionally, you can permanently stop domain monitoring by pressing the "Delete" button, and selecting the "Delete" button once more, confirming your choice.

Additional Tips

• If you can't verify your domain, it may be because of one of two reasons:
  1. Your TXT record setup may be incorrect. The TXT record must contain only the NordPass verification code. If the TXT record value contains anything else, verification will fail. If you must, create a new TXT record with hostname “@” or an empty value.
  2. If you are unable to start/retry verification, it may be because the domain is already in a list, or there may be an error in the system. In this instance, we recommend reaching out to our support team with your query, and we will look into it immediately.
      
• If your data was breached, we recommend checking out our guide on how to handle a data breach incident.
• If the domain is unknown, we cannot provide further clarification with that specific entry. This occurs because data found on the dark web can be incomplete - we may find out about the total scope of data categories, but data itself may be missing. In either case, we will inform you when your email address or credit card is found, regardless of the data completeness. It is important that you change any passwords you may be using with the exposed credentials.