Personally identifiable information (PII) can quickly make its way to the Dark Web, where it can do considerable damage to those affected by a breach. Therefore, understanding what happens to compromised patient data is a significant part of any data breach recovery effort.