- The MCU’s Phase 4 is all about Marvel getting weird 5 Years Ago
- How alt porn site SuicideGirls gets women to pose naked for free Today 7:00 AM
- Why did the GOP launch a website hyping socialist candidates? Today 6:30 AM
- The macrophilia and size-change fetish communities are made possible through the magic of the internet Today 6:00 AM
- Is Trump defiling the U.S. flag in this MAGA dude’s artwork? Sunday 4:41 PM
- White woman claims she invented sleep bonnets, selling them for $100 Sunday 4:03 PM
- Even real cats are transfixed by the enigma that is the ‘Cats’ trailer Sunday 3:04 PM
- Wait, how tall is Peppa Pig? Sunday 1:55 PM
- Twitter suspends Iranian state media outlets for harassing members of a religious minority Sunday 1:06 PM
- Pro-MAGA pageant queen stripped of title over ‘offensive’ tweets Sunday 11:52 AM
- Marvel unveiled its Phase 4 plans at San Diego Comic-Con Sunday 9:16 AM
- How a queer Instagram is helping fight the opioid epidemic in Appalachia Sunday 6:30 AM
- Philadelphia to fire 13 officers for racist, violent Facebook posts Saturday 6:12 PM
- Nick Offerman is so down to play every single role in ‘Cats’ Saturday 4:27 PM
- Woman documents how airport staff broke her wheelchair Saturday 3:04 PM
How to find out if you’ve been hacked in under a minute
Now if we can only stop getting hacked.
Have you been hacked?
If it feels like the Internet is plagued by seemingly constant cybersecurity breaches, sometimes the best thing you can do is find out if your usernames and passwords are already owned by an enterprising criminal.
The search engine Have I been pwned? (HIBP) is one of your best free and easy bets to find out if your sensitive information is floating out in cyberspace for all to see. There are other worthwhile options but HIBP’s new real-time monitoring tool separates it from the pack.
HIBP, which has provided easy access to stolen user credentials from newsworthy security breaches since last year, just introduced a major new feature that gives it access to about 175 million vulnerable accounts—a number that will keep growing rapidly—and alerts your within a minute to possible problems.
Now, with the new feature, scores of smaller breaches are documented and made easy for anyone to search.
Everyday, hackers leave tens of thousands of vulnerable accounts and passwords on free paste sites like Pastebin.com. It’s easy to find them: Here are two pastes from this morning totalling 245 emails and passwords.
“Often when online services are compromised, the first signs of it appear on ‘paste’ sites like Pastebin,” HIBP creator Troy Hunt explained on his site. “Attackers frequently publish either samples or complete dumps of compromised data on these services. Monitoring and reporting on the presence of email addresses on the likes of Pastebin can give impacted users a head start on mitigating the potential fallout from a breach.”
By partnering and integrating with Dump Monitor, a clever little bot that crawls the Web looking for stolen credentials, HIBP has exploded in size and usefulness. It takes less than a minute for new pastes with hacked accounts to show up on the site. HIBP also keeps the records even if a paste has been deleted, potentially alerting users to problems that hackers are trying to cover up.
Oops, I think that means I’ve been pwned a few times. C’est l’Internet.
“I’ve got 174,451,409 breached accounts in HIBP as of today which probably sounds like a lot,” Hunt wrote in a blog post, “but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big breaches I could get my hands on, as of the middle of this year (now a couple of months ago already), there were over half a billion accounts breached in just six months … [I]t’s set us on a track that will make 2014 the most-hacked year to date by a fairly significant margin over last year, which was the previous most hacky year.”
To top it all off, HIBP’s easy email notification is a powerful tool with over 100,000 subscribers who can now be told quickly that their accounts may be at risk. That’s a powerful weapon. Now if only we could stop getting hacked in the first place.
Photo via Randy Pertiet (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.