Troy Hunt

@[email protected]
21.6K Followers
54 Following
1.2K Posts
Creator of @haveibeenpwned. Microsoft Regional Director and MVP. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Bloghttps://www.troyhunt.com
Troy Hunt1d ago
Weekly update is up! Baydöner Breach; Aura Breach; Building PwnedClaw Agentic AI on a Mac Mini to do Data Breach Stuff https://www.troyhunt.com/weekly-update-496/
Weekly Update 496

Watching OpenClaw do its thing must be like watching the first plane take flight. It's a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I don't think

Troy Hunt
Troy Hunt1d ago
Have I Been Pwned1d ago
New breach: In around 2011, the now defunct RuneScape Boards exposed 223k unique email addresses. Data also included username, IP address and salted MD5 password hash. 96% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/RSBoards
Have I Been Pwned: RuneScape Boards Data Breach

In around 2011, the RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data. The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.

Have I Been Pwned
Troy Hunt4d ago
Going live with my weekly vid in 10 mins! Baydöner Breach; Aura Breach; Building PwnedClaw Agentic AI on a Mac Mini to do Data Breach Stuff https://youtube.com/live/WbKbDiMo_qY?feature=share
Weekly Update 496

YouTube
Troy HuntMar 18
Have I Been PwnedMar 18
New breach: Aura exposed 900k unique email address earlier this month, primarily sourced from a marketing tool. Data also included name, phone number, physical and IP address. 90% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/Aura
Have I Been Pwned: Aura Data Breach

In March 2026, the online safety service Aura disclosed a data breach that exposed 900k unique email addresses. The data was primarily associated with a marketing tool from a previously acquired company, with fewer than 20k active Aura customers affected. Exposed data included names, phone numbers, physical and IP addresses, and customer service notes. Aura advised that no Social Security numbers, passwords or financial information were compromised.

Have I Been Pwned
Troy HuntMar 17
Weekly update is up! Behind the scenes of some of Have I Been Pwned’s most important architectural components https://www.troyhunt.com/weekly-update-495/
Weekly Update 495

In the beginning, it was simple. A website, a database and 150M+ email addresses to search. Time has added serverless functions (which run on servers 🤷‍♂️), code on the edge, new data storage constructs and a completely different mechanism for even just querying a simple email address. HIBP is a continually

Troy Hunt
Troy HuntMar 15
Have I Been PwnedMar 15
New breach: League of Legends custom skins service Divine Skins had 105k email addresses and usernames breached this week, along with user purchase history. 50% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/DivineSkins
Have I Been Pwned: Divine Skins Data Breach

In March 2026, the League of Legends custom skins service Divine Skins suffered a data breach. The incident was disclosed via the service's Discord server, where Divine Skins stated that an unauthorised third party accessed part of its systems, deleted all skins from the database and exposed email addresses and usernames. The data also contained a history of purchases made by users.

Have I Been Pwned
Troy HuntMar 15
Have I Been PwnedMar 15
New breach: Turkish restaurant chain Baydöner had 1.2M unique email addresses exposed last week. Data also included name, phone number, city and plaintext password. 28% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/Baydoner
Have I Been Pwned: Baydöner Data Breach

In March 2026, the Turkish restaurant chain Baydöner suffered a data breach which was subsequently published to a public hacking forum. The incident exposed over 1.2M unique email addresses along with names, phone numbers, cities of residence and plaintext passwords. A small number of records also included Turkish national ID number and date of birth. In their disclosure notice, Baydöner stated that payment and financial data was not affected.

Have I Been Pwned
Troy HuntMar 12
Going live with my weekly vid in 10 mins! Behind the scenes of some of Have I Been Pwned’s most important architectural components https://youtube.com/live/revPU53G9v8?feature=share
Weekly Update 495

YouTube
Troy HuntMar 10
Weekly update is up! Breachapalooza: Odido, KomikoAI, Quitbro, Lovora, Provecho; The Hunger Rush Situation; I Finally Got Age-Checked https://www.troyhunt.com/weekly-update-494/
Weekly Update 494

Since starting HIBP a dozen and a bit years ago, I've loaded an average of one breach every 4.7 days. That's 959 of them to date, but last week it was five in only two days. That's a few weeks' worth of breaches in only 48 and a half

Troy Hunt
Troy HuntMar 6
Going live with my weekly vid in 10 mins! Breachapalooza: Odido, KomikoAI, Quitbro, Lovora, Provecho; The Hunger Rush Situation; I Finally Got Age-Checked https://youtube.com/live/I-XLZhGlZuw?feature=share
Weekly Update 494

YouTube