How to See if Your Information Has Been Leaked as Part of a Data Breach

John Biglin, CEO | March 20, 2017

Over the years there have been countless data breaches that have included the theft of user account information. Many are well publicized in the media, however, a number are purposely or irresponsibly not disclosed to the public. Worse, many of the publicized, yet not disclosed, breaches simply go undetected for weeks, months – even years!

With all of these breaches, wouldn’t you like to know if your information definitively was leaked onto the internet? Well, now there is a way to do this.

Troy Hunt, a security researcher and award-winning “Microsoft Most Valuable Professional,” or MVP, has created a research project and website called www.HaveIBeenPwned.com (HIBP), a free service that aggregates the information from data breaches into a searchable database and helps you see if you’ve been impacted by malicious activity on the web.

You see, when data breaches occur that include names, email addresses, passwords, secret questions (and their answers), etc., the bad actors or hackers will often post their cache of stolen information on the Dark Web as “social proof” that their escapades were successful. He or she could also be using your personal information to cause more mayhem by providing it to other bad actors.

Hunt has developed a way to scour the internet’s nooks and crannies to find “chunks” of data from these breaches. Most of the time, he is able to find smaller batches of data from multiple locations, but there are also times he is able to access a large data set, such as the information from the Ashley Madison breach. The media is quick to announce a breach, and sometimes they post where the data exists, but Hunt digs deeper and works to validate that the data is truly correct breach data.

How Do I Check whether or not my information was taken and posted publicly?
Simple – visit www.HaveIBeenPwned.com and enter your email address and click the “pwned?” button. Be sure to try all of your email addresses – the results may surprise you.

The results include whether or not your email address was part of the data captured in a known breach. Information about the breach is shared, including dates and details about the types of information besides your email address that was lost. In my case, as you can see, my professional email address and password were posted after a LinkedIn data breach:

When I entered my personal email account I discovered that my info was leaked from 3 different data breaches. Ugh!

Hunt does not claim to be able to check your email against all past data breaches, but it appears he has been able to build a very large database – over 2 Billion email address entries as I write this post. This information is undoubtedly useful for anyone who wants to know if their information is widely available on the web.

Staying Informed
Another fantastic feature of HIBP are notifications. When sign up, you will receive email alerts if you are included in a new data breach that is discovered or leaked. As an example, I recently received an alert from HIBP because my information was found in a massive data leak related to a major SPAM email organization (even the bad guys lose data sometimes). The only way I found out that my personal info was part of that leak was through the alert functionality that HIBP provides.

I highly recommend checking your email addresses on HIBP so that you can find out where your information has been leaked. You can’t remove your information from a leaked list, but at least you can change your password and other information associated with the account. Better yet, if possible, you can close the account and open a new one with different credentials.

Hopefully you found this information helpful and will consider forwarding it to colleagues, friends and family to help them protect their personal information as well.

If you want to know where your business stands relative to cyber risk, the experts at Interphase Systems would be happy to conduct a security vulnerability assessment and help you make your business systems and information more secure. Contact us today!

Cleaning Your Various Electronic Devices

Mobile phones, computers and tablets connect us to the outside world. However, these items are grounds for breeding bacteria. Now, more than ever, we need to be cognizant of our surroundings and what can spread germs. Interphase Systems has put together a few tips for...

Customer story: Landgren

Customer story: Landgren

For Swedish real estate company Landgren, technological innovation is their key to success. Without an IT department, the company struggled to protect its sensitive company data, especially as business grew.

After adopting a comprehensive security solution from Microsoft 365 Business, Landgren was able to easily comply with strict European and U.S. data privacy standards. With security standards met, company leaders were able to focus on improving mobility and facilitating collaboration among employees. Now all team members have what they need, whenever they need it, from any device anywhere in the world.

Ready to take your business security to the next level? Contact our CyberSecurity team at Interphase Systems, Inc. to learn more: 610-276-5500 or email info@interphasesystems.com. Contact us today!

Microsoft Teams Updated Meeting Experience

Smooth, easy collaboration is more important than ever in today’s workforce.  Microsoft is currently rolling out an updated Teams meeting experience that brings several highly-requested features to organizations that use Teams. This new experience will enable users to...

Introducing the “Lunch Byte” Webinar Series

The way we work has evolved quickly during recent weeks. As a result, people are pressed for time, now more than ever. With these recent changes in working remotely, Interphase Systems has developed its latest “Lunch Byte” webinar series in an effort to help you...

What’s New in Microsoft Teams?

Microsoft Teams is a chat-based collaboration tool that provides global and remote capabilities for various businesses within Office 365. It gives organizations the ability to work together and share information via a common space by employing the use of one-on-one...

Maintaining Security While Working Remotely

Now that many of us are working remotely from home, we need to be sure that we are still protecting ourselves and our company from security threats and risks.  DON’T LET YOUR GUARD DOWN! Some of us may be working on company laptops or PCs and some of us may be working...