A free tool is now available at haveibeenpwned.com that will check if your mail address was exposed in one of six major data breaches.
The service, offered by Australian software developer Troy Hunt, checks emails addresses entered against those found in large data base dumps from a number of breaches, including the recent Adobe hack.
Hunt assures users that no email addresses submitted are stored, saying “I’m not storing them. Nada. Zip. I just don’t need them and frankly, I don’t want the responsibility either. This is all about raising awareness of the breadth of breaches.”
The inspiration for building the resource occurred when Hunt was using similar tools to check if his email addresses had been among those in the Adobe breach, and much to his surprise they were.
“Just after the Adobe breach, a number of sites started popping up that let you search through the breach to see if your email address (and consequently your password), was leaked,” Hunt said. “When I used the tool to check my accounts, I found both my personal and work accounts contained in the breach. I had absolutely no idea why!”
And that’s a problem. Many websites and services demand that users create what are called “throwaway accounts,” one’s required by the website operator that the user never intends to use again, and many forget they even created them, like Hunt.
“The most likely answer is that I did indeed create accounts on Adobe, perhaps as far back as in the days when I was using Dreamweaver to build classic ASP whilst it was still owned by Macromedia,” Hunt said.
“The point is that these accounts had been floating around for so long that by the time a breach actually occurred I had no idea that my account had been compromised because the site was simply no longer on my radar.”
Read More Here…