On the 4th of December 2013, Troy Hunt launched Have I Been Pwned? - a free, public service which allows people to check whether they've become a victim of a data breach (cyber security incidents where unauthorised people access sensitive data such as names, email addresses, passwords, and payment information).
In recent years, the number and magnitude of these data breaches have increased exponentially. This can clearly be seen in the above screenshots where the number of "pwned" accounts has risen from a relatively low 150+ million to a staggering 5.3+ billion.
Troy has remained vigilant in staying up-to-date on data breaches and has gone above-and-beyond in adding features such as:
The option to get notified if your email address appears in a data breach.
The option to search by domain name, rather than just email address, and get notified if it appears in a data breach. This is invaluable for organisations.
A sub-service named Pwned Passwords - a searchable and downloadable list of 500+ million real-life exposed passwords in various formats for various use cases.
An API so that its services can be integrated into other applications.
Recently, Have I Been Pwned? has started gaining the attention that it deserves - the password manager 1Password and the software development platform GitHub have both integrated Pwned Passwords into their software to keep their users safe.
Gain some insight into whether your data has been compromised and stay aware by making regular use of Have I Been Pwned?. Thanks Troy!
This is far from the only thing that you can do to protect yourself and we'll have plenty more tips and tricks in upcoming posts!