Pages:
Author

Topic: UPDATED! [Guide] How to know if your email address was part of any data breach. - page 2. (Read 668 times)

legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
As far as I know, Ihavebeenpwned isn't storing email addresses searched for on their website. I got this from their FAQs section

They can write anything in their FAQ, that doesn't prove anything.
I am a skeptical person by nature and don't believe that someone would provide such service for free.

You may think I am being delusional but here is what I think:
They have a database containing more than 8.500.000.000 email addresses and hashed passwords. Obviously they can't heck them all knowing that most of them are throwaway emails.
By entering your email address there, you are telling them that you care about it and Hence there are high chances that it contains some valuable information.
Also, they provide a service to check if your password was leaked! If you enter your password then they can generate its hash and compare it with other hashes on their database.
hero member
Activity: 2212
Merit: 805
Top Crypto Casino
It's a good service, I checked my email and found that it was exposed through a Canva data breach.
It is best for everyone to use trusted email for the platforms with a clean device and another for other transactions.
The fact that your account is safe does not mean you are okay, just posting it to the public means anything can happen.

I'm glad to hear you found the guide useful. Like you said, It's always advisable to have multiple emails for each purposes. That way, You'll limit the possibility of your main email getting in a data leak. Security should also be on top of  everyone's priority list when dealing with credentials online. There's no telling what could happen if security is overlooked or ignored.




legendary
Activity: 2646
Merit: 3911
It's a good service, I checked my email and found that it was exposed through a Canva data breach.
It is best for everyone to use trusted email for the platforms with a clean device and another for other transactions.
The fact that your account is safe does not mean you are okay, just posting it to the public means anything can happen.
legendary
Activity: 1624
Merit: 1130
Bitcoin FTW!
Another site that I've used to see if any of my emails or passwords have been leaked is Spycloud (click for direct link) which also happens to show the password(s) attached to your email when possible; if you get a long string for the password, it's likely because the password's been hashed and isn't immediately decipherable. The site also doesn't seem to have access to nearly as many databases as HIBP, though, and it's possible you might end up on a spam list from using the service even though they suggest it won't.

You should still be changing your passwords regularly and especially if you know it's been part of a data breach regardless of whether or not it's been hashed or encrypted anyways though, and so I still mainly use HIBP as a result.
hero member
Activity: 2212
Merit: 805
Top Crypto Casino
How secure is the site privacy wise. Can it be confirmed that the site isn't storing the email addresses input into their system and probably selling them to third parties to be used for email marketing.

As far as I know, Ihavebeenpwned isn't storing email addresses searched for on their website. I got this from their FAQs section 👇.

Thank. You can also try the Mozilla browser development site to check your email for leaks [1]. In addition, there is a list of all data leaks that occurred in chronological order [2]. As well as a fairly extensive page of security tips [3].

[1] https://monitor.firefox.com/
[2] https://monitor.firefox.com/breaches
[3] https://monitor.firefox.com/security-tips

Thank you. I didn't know about Mozilla Monitor service until you mentioned it. I've added it to OP as it serves same purpose and it'll come in handy for users who are concerned about their privacy with Ihavebeenpwned site since Mozilla is a known organization.





legendary
Activity: 2940
Merit: 1083
I already tried this I saw my email address is included and I got some warning that my email address have been pawned.
Any advice what to do? Or just change the password of it and continue to use it would be still okay? Because most of my accounts are there and my contacts are there too.

Kind of unusual to see for a rank like you having trouble about what to do. Changing login details is always the basic thing to do. Always set-up 2FA too or any other forms of additional security layers.

And even you changed passwords, your email will not be removed there as pawned since it was already pawned on that said website. As long as you maintain and always follow the basic protocols about the security of your belongings, no need to worry about the possible account breached.

sr. member
Activity: 1512
Merit: 292
www.cd3d.app
Thank. You can also try the Mozilla browser development site to check your email for leaks [1]. In addition, there is a list of all data leaks that occurred in chronological order [2]. As well as a fairly extensive page of security tips [3].

[1] https://monitor.firefox.com/
[2] https://monitor.firefox.com/breaches
[3] https://monitor.firefox.com/security-tips
legendary
Activity: 2408
Merit: 4282
eXch.cx - Automatic crypto Swap Exchange.
How secure is the site privacy wise. Can it be confirmed that the site isn't storing the email addresses input into their system and probably selling them to third parties to be used for email marketing.

I try to avoid reviewing my email to sites that shouldn't have them in the first place just for extra precaution measure most especially as I hate unsolicited email and can't stand seeing them in inbox.
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
I already tried this I saw my email address is included and I got some warning that my email address have been pawned.
Any advice what to do? Or just change the password of it and continue to use it would be still okay? Because most of my accounts are there and my contacts are there too.
I believe the best thing to do is to change your password and set up 2fa if your email service provider have this feature.
Finding your email on the list of pwned emails doesn't mean that your password was leaked too since most of the hacked websites, from where this list was taken, do not store passwords in plain-text formats but just store their hashes.

However you can expect your Inbox to get flooded with hundreds of spam emails.
legendary
Activity: 3136
Merit: 3213
I would advice to make an email only for use the Exchange.
If you use more Exchanges best thing would be to have diffrent emails for it,
so the chances are small that your others Login details and Accounts get leaked or hacked also when there is something again or there is someone hack your email account.
Also use diffrent passwords .
legendary
Activity: 2338
Merit: 1354
I already tried this I saw my email address is included and I got some warning that my email address have been pawned.
Any advice what to do? Or just change the password of it and continue to use it would be still okay? Because most of my accounts are there and my contacts are there too.
hero member
Activity: 2212
Merit: 805
Top Crypto Casino
A data breach occurs from time to time. Even some of the platforms we put so much trust in, can still be breached and data would be stolen. It's that common. If you start receiving random emails/phishing emails, It's a good idea to check if your data including your email has been involved in a breach..

The Wikipedia definition of a data breach

Thank. You can also try the Mozilla browser development site to check your email for leaks [1]. In addition, there is a list of all data leaks that occurred in chronological order [2]. As well as a fairly extensive page of security tips [3].

[1] https://monitor.firefox.com/
[2] https://monitor.firefox.com/breaches
[3] https://monitor.firefox.com/security-tips

One more alternative website where you can check then same thing about email leaks:
https://haveibeensold.app/






... And that's all you've to do. If you've any questions, feel free to leave it below or better still, check Pwned's Frequently Asked Questions




Update

Google chrome now ships a data breach notification feature out of the box. When you type your credentials into a website, Chrome will now warn you if your username and password have been compromised in a data breach on some site or app. It will suggest that you change them everywhere they were used. You can use this as an alternative to IhaveBeenPwned if you prefer not to enter your email at an unknown website.

How to toggle the feature?
1. Goto Settings
2. Click on Sync & Google services.
3. Scroll down and then toggle feature on / off depending on what you want:


Pages:
Jump to: