Free Email Address Data Breach Alerts From HaveIBeenPwned



  • https://haveibeenpwned.com/

    in addition to your email address, it tells you other information that was stolen for example: Dates of birth, Email addresses, Instant messenger identities, IP addresses, Passwords, Usernames, Website activity. So it gives you a good idea what was stolen even if it doesn’t monitor other information.


  • Global Moderator

    @Tuskers how reputable is this? it could just be a phishing site. Not sure I trust any site I’ve never heard of to give any kind of information to.



  • I have a friend that has used this site for over a month and they are very reputable and very careful with what they use
    They have not had any problems nor an increase in junk emails
    That said, I think this site is good but I cannot state that with certianty
    Maybe sweetclover or other members could voice their opinions

    I will continue to research and I will update if/when I get more information


  • Global Moderator

    @tuskers Hmmm… to me, 1 month does not a long-standing, legit and “reputable” site make, although maybe that’s just me and the investigative nature I have, due to my career. I really don’t see myself ever needing to know this information anyway.
    If something WERE to happen, I only have one… personal and professional email address, along with two simultaneous credit monitoring services (for the full spectrum of my life) that would immediately inform me if any kind of compromise (breach) happened anyway. The rest of the email addresses that I DO have (at least 6) were set up with full intentions to be “disposable” and catch freebie and deal confirmations that are sent there.
    This site may very well have good intentions, but I prefer to personally pass on this, simply by remembering the old adage: “If it ain’t broke, don’t fix it.”

    I can’t confirm validity of this site with 100% accuracy either, however I did find the following while sleuthing around their site in their FAQ’s:

    "How do I know the site isn’t just harvesting searched email addresses?"
    You don’t, but it’s not. The site is simply intended to be a free service for people to assess risk in relation to their account being caught up in a breach. As with any website, if you’re concerned about the intent or security, don’t use it.

    "It’s a bit light on detail here, where can I get more info?"
    The design and build of this project has been extensively documented on troyhunt.com under the Have I been pwned? tag. These blog posts explain much of the reasoning behind the various features and how they’ve been implemented on Microsoft’s Windows Azure cloud platform.


  • Global Moderator



  • I think you misunderstood, my friend has used them for a month but they have been around much longer



  • Very reputable website… Started by a well respected cyber security expert too: https://twitter.com/troyhunt



  • Thank you for the added information and link



  • @tuskers said in [Free Email Address Data Breach Alerts From

    Maybe sweetclover or other members could voice their opinions

    0_1509907104483_Lurch copy.jpg

    Well, the Whois is solid. Nothing shady-looking there. And I see fivetalents provided multiple resources in links. This has been around, it was posted on FW in the thread about the Equifax breach in Finance. It’s a reputable website, but it’s always a good idea to check its Whois and it’s history & status via a Google/Bing search, when in doubt. The crooked scammer sites are usually dead giveaways, often by perusing their Whois alone.

    Queried whois.enom.com with “haveibeenpwned.com”…

    Domain Name: HAVEIBEENPWNED.COM
    Registry Domain ID: 1835276268_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.enom.com
    Registrar URL: www.enom.com
    Updated Date: 2017-10-15T00:31:22.00Z
    Creation Date: 2013-11-13T09:08:00.00Z
    Registrar Registration Expiration Date: 2018-11-13T09:08:00.00Z
    Registrar: ENOM, INC.
    Registrar IANA ID: 48
    Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
    Registry Registrant ID:
    Registrant Name: TROY HUNT
    Registrant Organization: HAVE I BEEN PWNED
    Registrant Street: 57 ADMIRALTY DRIVE
    Registrant City: SURFERS PARADISE
    Registrant State/Province: QLD
    Registrant Postal Code: 4217
    Registrant Country: AU
    Registrant Phone: +61.438040876
    Registrant Phone Ext:
    Registrant Fax:
    Registrant Fax Ext:
    Registrant Email: TROYHUNT@HOTMAIL.COM
    Registry Admin ID:
    Admin Name: TROY HUNT
    Admin Organization: HAVE I BEEN PWNED
    Admin Street: 57 ADMIRALTY DRIVE
    Admin City: SURFERS PARADISE
    Admin State/Province: QLD
    Admin Postal Code: 4217
    Admin Country: AU
    Admin Phone: +61.438040876
    Admin Phone Ext:
    Admin Fax:
    Admin Fax Ext:
    Admin Email: TROYHUNT@HOTMAIL.COM
    Registry Tech ID:
    Tech Name: TROY HUNT
    Tech Organization: HAVE I BEEN PWNED
    Tech Street: 57 ADMIRALTY DRIVE
    Tech City: SURFERS PARADISE
    Tech State/Province: QLD
    Tech Postal Code: 4217
    Tech Country: AU
    Tech Phone: +61.438040876
    Tech Phone Ext:
    Tech Fax:
    Tech Fax Ext:
    Tech Email: TROYHUNT@HOTMAIL.COM
    Name Server: LEAH.NS.CLOUDFLARE.COM
    Name Server: ROB.NS.CLOUDFLARE.COM
    DNSSEC: unSigned
    Registrar Abuse Contact Email: abuse@enom.com
    Registrar Abuse Contact Phone: +1.4252982646
    URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/


 

Looks like your connection to PhatWallet was lost, please wait while we try to reconnect.