Personal Data Exposure Risk Score Calculator
Estimate your personal data exposure risk score (0–100) based on your online presence, breach history, and privacy practices. A higher score indicates greater risk.
Formula
Each input is normalised to a 0–1 scale, multiplied by its weight, and summed to produce a raw score R (0–1). The final score is Score = round(R × 100).
R =
0.20 × breach_norm + 0.15 × reuse_norm + 0.12 × (1 − mfa_norm) + 0.12 × phishing_norm
+ 0.10 × public_norm + 0.08 × vpn_norm + 0.08 × social_norm + 0.07 × devices_norm
+ 0.05 × shopping_norm + 0.03 × privacy_norm
MFA is a protective factor and is therefore inverted: higher MFA usage reduces the score.
Normalisation: breach_norm = min(breaches/10, 1) | social_norm = min(social/10, 1) | devices_norm = min((devices−1)/14, 1) | all 1–5 scales → (value−1)/4
Risk Bands: 0–20 Low · 21–40 Moderate-Low · 41–60 Moderate · 61–80 High · 81–100 Critical
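The formula, normalisation rules and risk bands above, carried through as an added Python example (not the calculator's own code). The input key names are assumptions taken from the `_norm` names; each 1–5 answer is used exactly as the formula takes it, with only MFA inverted, and round-half-up is assumed for `round`.

```python
import math

# Weights exactly as given in the page's formula (they sum to 1.00).
WEIGHTS = {
    "breach": 0.20, "reuse": 0.15, "mfa": 0.12, "phishing": 0.12,
    "public": 0.10, "vpn": 0.08, "social": 0.08, "devices": 0.07,
    "shopping": 0.05, "privacy": 0.03,
}
SCALE_INPUTS = ("reuse", "mfa", "phishing", "public", "vpn", "shopping", "privacy")
BANDS = ((20, "Low"), (40, "Moderate-Low"), (60, "Moderate"), (80, "High"), (100, "Critical"))


def normalise(inputs):
    """Map raw answers to 0-1 using the page's normalisation rules."""
    missing = set(WEIGHTS) - set(inputs)
    if missing:
        raise ValueError(f"missing inputs: {sorted(missing)}")
    norm = {
        "breach": min(max(inputs["breach"], 0) / 10, 1.0),
        "social": min(max(inputs["social"], 0) / 10, 1.0),
        # Clamp at 0 so a device count below 1 cannot produce a negative term.
        "devices": min(max(inputs["devices"] - 1, 0) / 14, 1.0),
    }
    for name in SCALE_INPUTS:
        value = inputs[name]
        if not 1 <= value <= 5:
            raise ValueError(f"{name} must be on the 1-5 scale, got {value}")
        norm[name] = (value - 1) / 4
    norm["mfa"] = 1 - norm["mfa"]  # protective factor, inverted
    return norm


def risk_score(inputs):
    """Return (score 0-100, band) for a dict of raw answers."""
    norm = normalise(inputs)
    raw = sum(WEIGHTS[k] * norm[k] for k in WEIGHTS)
    # Assumption: round-half-up; Python's round() rounds halves to even.
    score = math.floor(raw * 100 + 0.5)
    band = next(label for upper, label in BANDS if score <= upper)
    return score, band


# Constructed sample answers, not data from the page.
SAMPLE = {"breach": 3, "reuse": 4, "mfa": 2, "phishing": 3, "public": 2,
          "vpn": 3, "social": 5, "devices": 8, "shopping": 4, "privacy": 5}

if __name__ == "__main__":
    print(risk_score(SAMPLE))
```

Because the weights sum to 1.00, answers at every cap give exactly 100 and the lowest-risk answers give 0, so the score cannot leave the 0–100 range.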
Assumptions & References
- Weights are derived from industry risk-modelling frameworks including NIST SP 800-30 and ENISA Threat Landscape reports.
- Data breach impact is capped at 10 breaches for normalisation; beyond 10 the marginal risk increase is assumed to plateau.
- MFA is treated as a protective (risk-reducing) factor consistent with CISA guidance that MFA blocks >99% of automated attacks.
- Password reuse is weighted heavily (0.15) because credential-stuffing attacks directly exploit reused passwords (Verizon DBIR 2023).
- Device count is normalised over a range of 1–15; households with more than 15 devices are treated as maximum exposure.
- This calculator provides an indicative score only and does not constitute a professional security assessment.
- References: NIST SP 800-30 Rev 1, ENISA Threat Landscape 2023, Verizon DBIR 2023, CISA MFA Guidance.