Troy Hunt

@[email protected]
21.7K Followers
54 Following
1.2K Posts
Creator of @haveibeenpwned. Microsoft Regional Director and MVP. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Bloghttps://www.troyhunt.com
Troy Hunt3h ago
Have I Been Pwned3h ago
New breach: SUCCESS suffered a breach last month that exposed 250k unique email addresses. Data also included name, phone number, IP address and purchase with physical address. 80% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/SUCCESS
Have I Been Pwned: SUCCESS Data Breach

In March 2026, the personal development and achievement media brand SUCCESS suffered a data breach. The incident exposed 250k unique email addresses along with names, IP addresses, phone numbers and, for a limited number of staff members, bcrypt password hashes. The data also included orders containing physical addresses and the payment method used. In SUCCESS' disclosure notice, they advised their system had also been abused to send offensive newsletters with quotes falsely attributed to contributors.

Have I Been Pwned
Troy Hunt1d ago
Weekly update is up! Join Me in Investigating Today’s Data Breaches With the PwnedClaw, the OpenClaw Agentic AI Bot Doing My Legwork: https://www.troyhunt.com/weekly-update-497/
Weekly Update 497

Day by day, I find we're eeking more goodness out of OpenClaw and finding the sweet spot between what the humans do well and the agent can run off and do on its own. Significantly, we're shifting more and more of the workload to the latter as all 3 of

Troy Hunt
Troy Hunt1d ago
Today, after many months of hard work, we're launching a bunch of new @haveibeenpwned features that improve privacy, usability and performance. We're a little team, but we've done a lot since this pic in November. Here are all the details: https://www.troyhunt.com/passkeys-k-anonymity-searches-massive-speed-enhancements-bulk-domain-verification-api/
HIBP Mega Update: Passkeys, k-Anonymity Searches, Massive Speed Enhancements and a Bulk Domain Verification API

For a hobby project built in my spare time to provide a simple community service, Have I Been Pwned sure has, well, "escalated". Today, we support hundreds of thousands of website visitors each day, tens of millions of API queries, and hundreds of millions of password searches. We're processing billions

Troy Hunt
Troy Hunt4d ago
Going live with my weekly vid in 5 minutes! Join Me in Investigating Today’s Data Breaches With the PwnedClaw, the OpenClaw Agentic AI Bot Doing My Legwork https://youtube.com/live/HQYSfszSzx4?feature=share
Weekly Update 497

YouTube
Troy Hunt5d ago
Have I Been Pwned5d ago
New breach: Today, a breach of one of the iterations of the BreachForums hacking forum known as "version 5" was publicly disclosed. Data included 340k unique email addresses, usernames and argon2 password hashes. 96% were already in @haveibeenpwned. More: https://haveibeenpwned.com/Breach/BreachForumsV5
Have I Been Pwned: BreachForums Version 5 Data Breach

In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames and argon2 password hashes.

Have I Been Pwned
Troy Hunt6d ago
Have I Been Pwned6d ago
New breach: In 2015, custom gaming controller maker Scuf Gaming suffered a breach that exposed 129k email addresses. Data also included username, display name, IP address and password hash. 88% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/ScufGaming
Have I Been Pwned: Scuf Gaming Data Breach

In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.

Have I Been Pwned
Troy Hunt6d ago
Have I Been Pwned6d ago
New breach: Sound Radix had 293k unique email addresses breached in an incident they disclosed this week before self-submitting it to HIBP. Data included name and potentially hashed password. 76% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/SoundRadix
Have I Been Pwned: Sound Radix Data Breach

In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. Attributed to unauthorised access to a customer support platform, the incident impacted 293k unique email addresses and names of users who had interacted with their support team. Sound Radix advised that whilst there is no evidence their broader user database was accessed, it is possible that additional data including hashed passwords may have been exposed. No financial or credit card information was impacted.

Have I Been Pwned
Show threadTroy Hunt6d ago
@r3pek @haveibeenpwned just email addresses
Troy HuntMar 24
Weekly update is up! Baydöner Breach; Aura Breach; Building PwnedClaw Agentic AI on a Mac Mini to do Data Breach Stuff https://www.troyhunt.com/weekly-update-496/
Weekly Update 496

Watching OpenClaw do its thing must be like watching the first plane take flight. It's a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I don't think

Troy Hunt
Troy HuntMar 23
Have I Been PwnedMar 23
New breach: In around 2011, the now defunct RuneScape Boards exposed 223k unique email addresses. Data also included username, IP address and salted MD5 password hash. 96% were already in @haveibeenpwned. Read more: https://haveibeenpwned.com/Breach/RSBoards
Have I Been Pwned: RuneScape Boards Data Breach

In around 2011, the RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data. The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.

Have I Been Pwned