- How to stream Real Madrid vs. Real Valladolid Friday 10:44 PM
- How to stream Liverpool vs. Arsenal Friday 10:28 PM
- How to stream Manchester United vs. Crystal Palace Friday 10:05 PM
- How to stream Chelsea vs. Norwich City Friday 8:55 PM
- How to stream the 2019-20 Serie A season Friday 8:05 PM
- Tom Brady keeps supplying us with new meme material Friday 5:55 PM
- Emails reveal Facebook’s knowledge of Cambridge Analytica Friday 3:43 PM
- ‘Fast and Furious’ + ‘American Ninja Warrior’ = Netflix’s ‘Hyperdrive’ Friday 3:15 PM
- Trump jokes drop in Dow is because Seth Moulton dropped out of 2020 race Friday 3:13 PM
- What we learned when we visited Mr. B, America’s chonkiest cat Friday 1:46 PM
- Trump’s new plan to fight opioid overdose? This tweet Friday 1:06 PM
- Fitness influencer shamed for ‘sharing numbers’ in weight loss posts Friday 1:04 PM
- The VSCO Girl has always been here Friday 1:01 PM
- Tomi Lahren’s new ‘Freedom’ clothing line is made for meme mockery Friday 12:21 PM
- Taylor Swift’s ‘London Boy’ is a bop, but Brits don’t think her lyrics are accurate Friday 12:02 PM
How to find out if you’ve been hacked in under a minute
Now if we can only stop getting hacked.
Have you been hacked?
If it feels like the Internet is plagued by seemingly constant cybersecurity breaches, sometimes the best thing you can do is find out if your usernames and passwords are already owned by an enterprising criminal.
The search engine Have I been pwned? (HIBP) is one of your best free and easy bets to find out if your sensitive information is floating out in cyberspace for all to see. There are other worthwhile options but HIBP’s new real-time monitoring tool separates it from the pack.
HIBP, which has provided easy access to stolen user credentials from newsworthy security breaches since last year, just introduced a major new feature that gives it access to about 175 million vulnerable accounts—a number that will keep growing rapidly—and alerts your within a minute to possible problems.
Now, with the new feature, scores of smaller breaches are documented and made easy for anyone to search.
Everyday, hackers leave tens of thousands of vulnerable accounts and passwords on free paste sites like Pastebin.com. It’s easy to find them: Here are two pastes from this morning totalling 245 emails and passwords.
“Often when online services are compromised, the first signs of it appear on ‘paste’ sites like Pastebin,” HIBP creator Troy Hunt explained on his site. “Attackers frequently publish either samples or complete dumps of compromised data on these services. Monitoring and reporting on the presence of email addresses on the likes of Pastebin can give impacted users a head start on mitigating the potential fallout from a breach.”
By partnering and integrating with Dump Monitor, a clever little bot that crawls the Web looking for stolen credentials, HIBP has exploded in size and usefulness. It takes less than a minute for new pastes with hacked accounts to show up on the site. HIBP also keeps the records even if a paste has been deleted, potentially alerting users to problems that hackers are trying to cover up.
Oops, I think that means I’ve been pwned a few times. C’est l’Internet.
“I’ve got 174,451,409 breached accounts in HIBP as of today which probably sounds like a lot,” Hunt wrote in a blog post, “but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big breaches I could get my hands on, as of the middle of this year (now a couple of months ago already), there were over half a billion accounts breached in just six months … [I]t’s set us on a track that will make 2014 the most-hacked year to date by a fairly significant margin over last year, which was the previous most hacky year.”
To top it all off, HIBP’s easy email notification is a powerful tool with over 100,000 subscribers who can now be told quickly that their accounts may be at risk. That’s a powerful weapon. Now if only we could stop getting hacked in the first place.
Photo via Randy Pertiet (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.