Im really paranoid about data breaches and i just really wanna know
I usually check haveibeenpwned.com every year or so and it's always come back negative for any breaches, until now. Turns out my info has been in 3 breaches in just the last 6 months, so what would be the best course of action here?
today ive been trying to keep my account secure over scam anti virus software that I have installed. someone recommended me this site to see if any personal info of mines has been leaked. ran a scan and everything seems to be good for now? i then also did a scan for the site itself after words on virus total and it gave me a message saying "1 security vendor flagged this URL as malicious". not sure if I should be concerned abt that information and hopefully this site isn't a scam innit of itself
Hello so i know this is stupid since i can just research it and find the answer easily but im currently sick right now and i can barely remember stuff so im making a post just so i can remember and check when im not sick anymore
This is also for both me and my friend and hes a little paranoid so im making a post to also check if its real
So is the real site is the one in the picture and what do i do if it found a data leak? Do i just change password? And how do i check if its a old password? I havent used it so i dont know
Not sure whether to use it or not, as I’m worried about it’s safety
I’ve been wondering how effective HIBP actually is. When a site gets breached, the leaked data is often sold or circulated in private before it’s added to public forums on dark web and then to breach databases like HIBP. By the time my password shows up there, it might be too late to do anything useful.
Also my email - unless it is unique, random address, it is visible in public web anyway. So why should I look for it on dark web?
Other than changing my password, what other steps should I take?
It said that I have 1 data breach. What does that even mean? Does that mean that somebody guessed my password and was able to log in to my email and get all sort of info?
What’s the breach it said it was named in? Should give you a description.
It’s from when a company got hacked and grabbed the data. Usually never at fault of your own, change the password you used from that data breach on any account that uses that password, and never use it again
You have to assume some hacker has a giant list of passwords with that on there and will try to login on any site possible
In Cybersecurity, paranoia is your friend.
Only one breach? This is a rookie number!
Is it safe to use haveibeenpwned.com? Do they store the e-mail/phone number you search? Those who understand back-end processing, please enlighten me on the site.
Due to the recent breach news, a lot of people are checking to see if they were involved. Be careful if searching for haveibeenpwned on certain browsers like duckduckgo. Anywhere from the second to the fifth result is a fake site called havelbeenpwnd.com. It will load the old version of the website and can even link to the new version if navigated on. However, any search leads to a 404 error.
This fake site is actually named: have l(lowercase L) been pwnd(no e here).com. Others suspect it is a data harvesting site at the least. The real site is haveibeenpwned.com. Posting this to potentially help others to avoid this pitfall in privacy.
*Edited for clarity.
https://imgur.com/a/mSgDNwI
Something feels a bit wierd about it. I did sign up to their alerts fairly recently but, having done some searching, I can't find a whole lot about any other examples of people receiving this type of communication from them.
The "for verification" bit followed by a standard url to their site is a bit strange to me too. I might be being paranoid, but curious if anyone can shed some light.
https://haveibeenpwned.com/ allows you to check if your email address has been involved in a data breach. It can tell you if your password has been exposed as well as many other personal details such as your name, IP address, age, gender and even financial details. Scammers can then use this information to their advantage.
This website was a huge eye-opener for me and it saved me from trouble following a recent data breach. Make sure your information is safe!
I checked the Have I been Pwned and it says I have been exposed to one data breach. Am I in danger - I know it's only one but I'm still worried about it.
I know this website is safe to check your email addresses. I noticed that there is a 'Passwords' section and you can enter your passwords in there to see if they have been breached.
This might sound like a stupid question, but is it actually safe to enter your password here to check to see if it has been breached?
I just want to check my emails for a data breach, but can i enter my email safely or could I get hacked?
I have heard about haveibeenpwned and checked if my email or password was pwned but it wasn't still I recieved login attempt on instagram so is it accurate ?
But there was data breach from instagram of 2.6 million users same day when i got login attempt..
Note - I have not clicked any phis link etcc.....
With the increasing number of data breaches, I’m wondering if anyone here has started subscribing to this service or knows of any good free alternatives. We used to rely on it for years when it was free.
Edit: I should have clarified, does your organization subscribe to full domain searches
I tried my email on haveibeenpwned.com and found out that it was included in 2 breaches, one was Chess.com back in November 2023, which isn't too big of a deal I presume as I use different passwords through all my accounts, but the second was Naz.API which I have no idea what it is.
It says it's a breach that happened in September 2023, it says that "the incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources."
I'm not sure if I should be worried or not, because differently to the chess breach, I don't know if only specific passwords were included or if all of them were, and I don't know what's the best thing to do right now to secure my accounts even though it had been several months since the breach where I haven't had any problems.
Basically this morning I was subscribed to a youtube channel I wasn’t subscribed to and it was like a bot channel. I do some digging and my email was in one data breach but no pastes in have i been pwned and my google account doesn’t look like there’s suspicious activity, but i checked that dark web alert thing and it says one thing was found on the dark web (maybe my email?) didn’t exactly tell me what, but i’m terrified and not really sure what to do, so far i just changed my password on my email.