- Review: ‘Sekiro: Shadows Die Twice’ is a cut above the rest 5 Years Ago
- Where do 2020 Democratic candidates stand on healthcare? Today 7:30 AM
- How to (legally) stream live TV on Kodi Today 7:00 AM
- ‘Delhi Crime’ tackles inequality and women’s rights Today 7:00 AM
- How to watch the 2019 STP 500 at Martinsville Speedway for free Today 6:00 AM
- These high school theater kids put on a totally awesome ‘Alien’ play Saturday 3:59 PM
- Behold these photos of Elon Musk, but with Elizabeth Holmes’ eyes Saturday 3:11 PM
- Barbra Streisand gets canceled over remarks about Michael Jackson’s alleged victims Saturday 2:09 PM
- Report: Florida man raped Texas teen after posing as Instagram celeb Saturday 12:14 PM
- Lori Loughlin’s daughters, Olivia and Isabella, could be banned from USC forever Saturday 11:46 AM
- ‘Starfish’ is a heartbreaking tale of BFFs, grief, and apocalyptic alien invasions Saturday 10:35 AM
- How to stream UFC Fight Night 148 for free Saturday 10:00 AM
- The kids are making scantron memes instead of studying Saturday 9:29 AM
- Every installment of Hulu’s ‘Into the Dark,’ ranked Saturday 6:00 AM
- The internet is mocking Robert Mueller’s report deadline Friday 7:53 PM
How to find out if you’ve been hacked in under a minute
Now if we can only stop getting hacked.
Have you been hacked?
If it feels like the Internet is plagued by seemingly constant cybersecurity breaches, sometimes the best thing you can do is find out if your usernames and passwords are already owned by an enterprising criminal.
The search engine Have I been pwned? (HIBP) is one of your best free and easy bets to find out if your sensitive information is floating out in cyberspace for all to see. There are other worthwhile options but HIBP’s new real-time monitoring tool separates it from the pack.
HIBP, which has provided easy access to stolen user credentials from newsworthy security breaches since last year, just introduced a major new feature that gives it access to about 175 million vulnerable accounts—a number that will keep growing rapidly—and alerts your within a minute to possible problems.
Now, with the new feature, scores of smaller breaches are documented and made easy for anyone to search.
Everyday, hackers leave tens of thousands of vulnerable accounts and passwords on free paste sites like Pastebin.com. It’s easy to find them: Here are two pastes from this morning totalling 245 emails and passwords.
“Often when online services are compromised, the first signs of it appear on ‘paste’ sites like Pastebin,” HIBP creator Troy Hunt explained on his site. “Attackers frequently publish either samples or complete dumps of compromised data on these services. Monitoring and reporting on the presence of email addresses on the likes of Pastebin can give impacted users a head start on mitigating the potential fallout from a breach.”
By partnering and integrating with Dump Monitor, a clever little bot that crawls the Web looking for stolen credentials, HIBP has exploded in size and usefulness. It takes less than a minute for new pastes with hacked accounts to show up on the site. HIBP also keeps the records even if a paste has been deleted, potentially alerting users to problems that hackers are trying to cover up.
Oops, I think that means I’ve been pwned a few times. C’est l’Internet.
“I’ve got 174,451,409 breached accounts in HIBP as of today which probably sounds like a lot,” Hunt wrote in a blog post, “but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big breaches I could get my hands on, as of the middle of this year (now a couple of months ago already), there were over half a billion accounts breached in just six months … [I]t’s set us on a track that will make 2014 the most-hacked year to date by a fairly significant margin over last year, which was the previous most hacky year.”
To top it all off, HIBP’s easy email notification is a powerful tool with over 100,000 subscribers who can now be told quickly that their accounts may be at risk. That’s a powerful weapon. Now if only we could stop getting hacked in the first place.
Photo via Randy Pertiet (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.