search
top


May 29, 2016 Posted in Breaches, Featured, Information Security

Have you been pwned?

Have you been pwned?

Leaked passwords

Hi Everyone,

Today’s post is related to data breaches and an interesting website idea that has turned up on the Internet.

 

So a fellow co-worker alerted me on a website that he had recently found.

 

We know breaches are taking place all the time in fact there is one taking place right this very moment.
And, in the next minute, the next hour and so forth…….

 

Many of these breaches are not disclosed and that might be because many organizations are not yet aware of being breached.
I’ve read about banks and other organizations learning years later about being breeched.
And, some organizations may never know at all depending on how sophisticated their infrastructure set-up may be.

Total average total cost of a data breach for the participating companies in 2015 was $3.79 million.

 

It looks like someone finally has come out with an interesting plan for end users. 

Identifying Leaked Passwords

The plans seems to be of one where a large database is created, which hosts email addresses related to breached data that’s been placed in the public.

 

No actual personal data is stored besides email addresses associated with that certain type of breach.
At least that’s what is mentioned on their website and I’d assume that is so.

 

It was interesting to see the results for various random email addresses including my own.
It does make you aware of what email addresses are being used for and on what websites/organizations.

 

All those guys that had Ashley Madison website accounts and for some odd reason used their real email addresses (why??).

Tip: If you’re going to cheat at least use a fake email address and account.

Well have fun when people that know you enter your email address into the database.
I think those wives and girlfriends are in for a surprise……..

 

I can see this website being used both in a positive and negative way.
If you have a breached account, then it helps an attacker in the way of knowing where you have existing accounts.

 

On the other hand, it’s a great tool for someone that may use the same password on multiple sites (you shouldn’t be doing this in the first place).

Never use the same password on multiple websites. Hackers will always try to use one of your existing passwords on all other known websites.

Or, for someone who generally wants to know what type of information could be leaked out there in the web (Secret questions/answers, full name, other personal information).

Checking Yourself

I’d urge everyone to check their email address and see if it has been breached anywhere at some point in time.
At least this way you know what part of your personal data is out there.
And, you can go ahead and change your passwords on those compromised websites.

 

If you wish to check if any of your accounts have ever been compromised feel free to visit the official website below.

 

https://haveibeenpwned.com Visit Website


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

top