Yeah I really called it wrong on my initial comment.
I took a look at my pwned history and it looks like we share a lot of sites.
Quite concerning and now I am at least using a password manager.
I am still on LastPass but am considering others.
It simply “works” in my case though, and I’m not sure how easy it would be to change to a new one so with them I stay.
It sucks that they made it into a “pay to play” if you want full cross platform access, but I use my gaming PC for so few sites that it isn’t a huge deal to just lock my LastPass to iOS.
I stand corrected, with thanks!
You’re so welcome! 😃
It’s one of those tools more people ought to use (like password managers), because it not only exposes real threats, it also opens your eyes to the fact that you really should be a lot more paranoid about your data than most people are.
Running my main email through it just now, this is the list of sites that have managed to lose my data. Many of these included passwords in various states of undress. These particular breaches span from 2013 to 2023. Each company name is followed by the information contained in the breach:
123RF — Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
500px — Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames
8tracks — Email addresses, Passwords
Adobe — Email addresses, Password hints, Passwords, Usernames
Bitly — Email addresses, Passwords, Usernames
CafePress — Email addresses, Names, Passwords, Phone numbers, Physical addresses
Data Enrichment Exposure From People Data Labs — Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Social media profiles
Deezer — Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Names, Spoken languages, Usernames
Dropbox — Email addresses, Passwords
Gravatar — Email addresses, Names, Usernames
Kickstarter — Email addresses, Passwords
LinkedIn — Email addresses, Passwords, Education levels, Email addresses, Genders, Geographic locations, Job titles, Names, Social media profiles
MyFitnessPal — Email addresses, IP addresses, Passwords, Usernames
Plex — Email addresses, IP addresses, Passwords, Usernames
TheTVDB.com — Email addresses, Passwords, Usernames
tumblr — Email addresses, Passwords
Twitter — Email addresses, Names, Social media profiles, Usernames
Because I use unique passwords for everything (long time 1password user, recently switched to Bitwarden which is free and works and syncs great on/between my Mac and Android phone), I’m not particularly worried about any of these, and all the passwords have since been changed.
But look at all the other shit that’s in there 😳 DOB, IP, country, usernames associated with my email, education level, gender, social media accounts, phone numbers, home address. Even if you’re not paranoid, do you really want everyone with a Tor browser and a cheap VPN to have access to that shit if they want to get to know you? 🤢
That’s why I wanted to point out that HIBP is one of the good guys; no need for people to get bad vibes about a tool they might actually have an interest in using 😊