- Debunking the biggest Alexandria Ocasio-Cortez conspiracy theories 5 Years Ago
- How to make calls on Google Home 5 Years Ago
- We now probably know the final runtime for ‘Avengers: Endgame’ Monday 11:06 PM
- Cardi B says she drugged, robbed men in her past on Instagram Live Monday 8:03 PM
- Twitter thread roasts bathtub tray ads for women Monday 7:21 PM
- Nintendo set to release two new models of the Switch—possibly in 2019 Monday 6:45 PM
- Viral cat video ‘Dear Kitten’ finds new life in TikTok challenge Monday 5:30 PM
- Here’s every show that was announced at the Apple TV+ kickoff Monday 3:53 PM
- ‘Shazam!’ embraces the spectacle and heart of the superhero genre Monday 3:45 PM
- How to mute Twitter’s suggested tweets on your timeline Monday 3:02 PM
- What you need to know about Apple’s new streaming service Monday 2:32 PM
- Text-message fanfiction is taking over Instagram Monday 1:54 PM
- Your Asus computer might have a secret backdoor Monday 1:06 PM
- Trump is already fundraising off the Mueller report—even though no one’s seen it Monday 1:01 PM
- Michael Avenatti charged with trying to extort $20 million from Nike Monday 12:51 PM
How to find out if you’ve been hacked in under a minute
Now if we can only stop getting hacked.
Have you been hacked?
If it feels like the Internet is plagued by seemingly constant cybersecurity breaches, sometimes the best thing you can do is find out if your usernames and passwords are already owned by an enterprising criminal.
The search engine Have I been pwned? (HIBP) is one of your best free and easy bets to find out if your sensitive information is floating out in cyberspace for all to see. There are other worthwhile options but HIBP’s new real-time monitoring tool separates it from the pack.
HIBP, which has provided easy access to stolen user credentials from newsworthy security breaches since last year, just introduced a major new feature that gives it access to about 175 million vulnerable accounts—a number that will keep growing rapidly—and alerts your within a minute to possible problems.
Now, with the new feature, scores of smaller breaches are documented and made easy for anyone to search.
Everyday, hackers leave tens of thousands of vulnerable accounts and passwords on free paste sites like Pastebin.com. It’s easy to find them: Here are two pastes from this morning totalling 245 emails and passwords.
“Often when online services are compromised, the first signs of it appear on ‘paste’ sites like Pastebin,” HIBP creator Troy Hunt explained on his site. “Attackers frequently publish either samples or complete dumps of compromised data on these services. Monitoring and reporting on the presence of email addresses on the likes of Pastebin can give impacted users a head start on mitigating the potential fallout from a breach.”
By partnering and integrating with Dump Monitor, a clever little bot that crawls the Web looking for stolen credentials, HIBP has exploded in size and usefulness. It takes less than a minute for new pastes with hacked accounts to show up on the site. HIBP also keeps the records even if a paste has been deleted, potentially alerting users to problems that hackers are trying to cover up.
Oops, I think that means I’ve been pwned a few times. C’est l’Internet.
“I’ve got 174,451,409 breached accounts in HIBP as of today which probably sounds like a lot,” Hunt wrote in a blog post, “but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big breaches I could get my hands on, as of the middle of this year (now a couple of months ago already), there were over half a billion accounts breached in just six months … [I]t’s set us on a track that will make 2014 the most-hacked year to date by a fairly significant margin over last year, which was the previous most hacky year.”
To top it all off, HIBP’s easy email notification is a powerful tool with over 100,000 subscribers who can now be told quickly that their accounts may be at risk. That’s a powerful weapon. Now if only we could stop getting hacked in the first place.
Photo via Randy Pertiet (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.