With the latest data added to #haveIbeenpwned I found out that #Dropbox lost my credentials a second time. 😔

So make sure to check #HIBP webpage with your email addresses and/or your domain to find out which services got hacked.

So I just deleted all my Dropbox data (I haven't used for 13 years because of #Syncthing) in their web interface, changed the password, added 2FA (TOTP) and unlinked all my (outdated) devices. Bye Dropbox! 👋

🚨 2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned
by Troy Hunt
#HaveIBeenPwned #LeakedPasswords #Security #TroyHunt

https://www.troyhunt.com/2-billion-email-addresses-were-exposed-and-we-indexed-them-all-in-have-i-been-pwned/

Hups, ein bekanntermaßen unsicheres Passwort ergibt eine erstaunlich hohe neunstellige Zahl Treffer:

> This password has been seen 179,863,340 times before in data breaches!

https://haveibeenpwned.com/Passwords

#haveibeenpwned #passwort

Der Betreiber gilt als vertrauenswürdig und hat die Prüfung technisch recht gut abgesichert, so dass nie das Passwort übertragen wird. Im Zweifel lokal prüfen, die Datenbank steht dafür zum Download zur Verfügung (ist aber groß).

»Have I Been Pwned — Milliarden neuer Passwörter in Sammlung:
Aus Infostealer-Datensätzen konnte Have-I-Been-Pwned-Betreiber Troy Hunt 1,3 Milliarden einzigartige Passwörter extrahieren.«

Ich weise schon lange auf @haveibeenpwned hin und auch wenn die Menschen sich als gehackt erkennen, haben sie scheinbar immer noch nichts zu verbergen. Wann nehmen dies die es endlich ernst oder/und verwenden Passkeys?!

🔓 https://www.heise.de/news/Have-I-Been-Pwned-Milliarden-neuer-Passwoerter-in-Sammlung-11067453.html

#email #haveibeenpwned #passwort #hacking #online #datenschutz

I'm a bit annoyed by what's effectively a sales email process from #haveibeenpwned - notification that an email+password on my personal domain was found in the #Synthient breach. Follow the link, enter the address used to confirm domain ownership, wait for a second email, follow the link, get nothing useful just "Insufficient subscription. Only subscription-free breaches will be returned for this domain."

I'm not feeling a need to pay $4.50/mo to find out which of my per-domain email addresses with unique passwords was breached, nor do I need to run 10 searches per minute.

Have I Been Pwned logs 17.6M Victims in Prosper Breach.

HIBP alleges that email addresses — as expected — were affected, as well as a slew of other personal information.

This included:

• Browser user agent details
• Credit status information
• Dates of birth
• Employment statuses
• Government-issued IDs
• Income levels
• IP addresses
• Names
• Physical addresses

https://haveibeenpwned.com/Breach/Prosper

#prosper #breach #haveibeenpwned #it #security #privacy #engineer #media #tech #news