The list of data breaches is growing daily.  It is difficult to keep track of whether any of your accounts might have been compromised. One great place to check is the website "Have I Been Pwned" (https://haveibeenpwned.com) created by Troy Hunt.  The site is continuously adding data from data breaches allowing you to easily search by email address or username to see if one of your accounts was compromised.


Have I Been Pwned

Their database currently contains 3,999,249,352 accounts from 228 different compromised sites.

You might not be concerned if an account was compromised that doesn't contain sensitive information but since passwords are often shared across multiple sites a hacker might be able to login to one of your other accounts using the same password.

 

Domain Search

In addition to searching for specific accounts you can also search for all email addresses belonging to your domain.  This way you can easily identify employee accounts that might have been part of a breach and notify them if necessary.

Search by Domain

API

If you are looking for an way to connect the database to your own security solution you can use the free API.  There are several existing libraries and modules that have been created to search the database.

Search by Domain

 

 

 

Add new comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.