Free Email Address Data Breach Alerts From HaveIBeenPwned

in addition to your email address, it tells you other information that was stolen for example: Dates of birth, Email addresses, Instant messenger identities, IP addresses, Passwords, Usernames, Website activity. So it gives you a good idea what was stolen even if it doesn’t monitor other information.

MISTERCHEAP

@Tuskers how reputable is this? it could just be a phishing site. Not sure I trust any site I’ve never heard of to give any kind of information to.

I have a friend that has used this site for over a month and they are very reputable and very careful with what they use
They have not had any problems nor an increase in junk emails
That said, I think this site is good but I cannot state that with certianty
Maybe sweetclover or other members could voice their opinions

I will continue to research and I will update if/when I get more information

PywackettyCat

@tuskers Hmmm… to me, 1 month does not a long-standing, legit and “reputable” site make, although maybe that’s just me and the investigative nature I have, due to my career. I really don’t see myself ever needing to know this information anyway.
If something WERE to happen, I only have one… personal and professional email address, along with two simultaneous credit monitoring services (for the full spectrum of my life) that would immediately inform me if any kind of compromise (breach) happened anyway. The rest of the email addresses that I DO have (at least 6) were set up with full intentions to be “disposable” and catch freebie and deal confirmations that are sent there.
This site may very well have good intentions, but I prefer to personally pass on this, simply by remembering the old adage: “If it ain’t broke, don’t fix it.”

I can’t confirm validity of this site with 100% accuracy either, however I did find the following while sleuthing around their site in their FAQ’s:

"How do I know the site isn’t just harvesting searched email addresses?"
You don’t, but it’s not. The site is simply intended to be a free service for people to assess risk in relation to their account being caught up in a breach. As with any website, if you’re concerned about the intent or security, don’t use it.

"It’s a bit light on detail here, where can I get more info?"
The design and build of this project has been extensively documented on troyhunt.com under the Have I been pwned? tag. These blog posts explain much of the reasoning behind the various features and how they’ve been implemented on Microsoft’s Windows Azure cloud platform.

fivetalents

The pwned site has been around for a few years: https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F.

It has been featured on several legit news and tech sites. Some examples:

Exercise your own best judgement and don’t use any sites that you are not comfortable with.

I think you misunderstood, my friend has used them for a month but they have been around much longer

ajohnclark

Very reputable website… Started by a well respected cyber security expert too: https://twitter.com/troyhunt

Thank you for the added information and link

SweetClover

@tuskers said in [Free Email Address Data Breach Alerts From

Maybe sweetclover or other members could voice their opinions

0_1509907104483_Lurch copy.jpg

Well, the Whois is solid. Nothing shady-looking there. And I see fivetalents provided multiple resources in links. This has been around, it was posted on FW in the thread about the Equifax breach in Finance. It’s a reputable website, but it’s always a good idea to check its Whois and it’s history & status via a Google/Bing search, when in doubt. The crooked scammer sites are usually dead giveaways, often by perusing their Whois alone.

Queried whois.enom.com with “haveibeenpwned.com”…

Domain Name: HAVEIBEENPWNED.COM
Registry Domain ID: 1835276268_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2017-10-15T00:31:22.00Z
Creation Date: 2013-11-13T09:08:00.00Z
Registrar Registration Expiration Date: 2018-11-13T09:08:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: TROY HUNT
Registrant Organization: HAVE I BEEN PWNED
Registrant Street: 57 ADMIRALTY DRIVE
Registrant City: SURFERS PARADISE
Registrant State/Province: QLD
Registrant Postal Code: 4217
Registrant Country: AU
Registrant Phone: +61.438040876
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: TROYHUNT@HOTMAIL.COM
Registry Admin ID:
Admin Name: TROY HUNT
Admin Organization: HAVE I BEEN PWNED
Admin Street: 57 ADMIRALTY DRIVE
Admin City: SURFERS PARADISE
Admin State/Province: QLD
Admin Postal Code: 4217
Admin Country: AU
Admin Phone: +61.438040876
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: TROYHUNT@HOTMAIL.COM
Registry Tech ID:
Tech Name: TROY HUNT
Tech Organization: HAVE I BEEN PWNED
Tech Street: 57 ADMIRALTY DRIVE
Tech City: SURFERS PARADISE
Tech State/Province: QLD
Tech Postal Code: 4217
Tech Country: AU
Tech Phone: +61.438040876
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: TROYHUNT@HOTMAIL.COM
Name Server: LEAH.NS.CLOUDFLARE.COM
Name Server: ROB.NS.CLOUDFLARE.COM
DNSSEC: unSigned
Registrar Abuse Contact Email: abuse@enom.com
Registrar Abuse Contact Phone: +1.4252982646
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/