Have I been Pwned?
Posted on 05/04/17
Listening to a recent episode of the awesome podcast Reply All (it’s a podcast about all things web – definitely worth checking out if you haven’t already), we had our eyes opened to some seriously freaky stuff.
The episode starts with a guy whose Uber was being used by a stranger in Russia.
'Simples' - you might think. His Uber was hacked. But you'd be wrong.
An investigation into the issue takes the team down a rabbit hole that reveals some much more alarming facts.
His email and password were openly for sale on the dark web ... along with BILLIONS of other emails and passwords.
And the data breach wasn’t even at Uber. It was a whole other company, but like a lot of folk, this person was using the same password for multiple platforms, meaning whoever bought it had access to all of his accounts.
So, have you been pwned too?
Thankfully, knight in shining armour, internet security expert and all-round hero, Troy Hunt, has set up a website, ‘Have I Been Pwned?’, so we can easily check if our personal data is up on the dark web with a big ‘For Sale’ sign on it.
Troy has compiled a database of billions of emails, stolen in hundreds of data hacks over the last few years, and you can check if your email is among them by entering it in the search bar.
After entering some of our personal email addresses to test it out, hitting the ‘pwned?’ button, and feeling pretty low-key about the whole thing, we got hit with the fact that some of our emails and passwords were available on the dark web as a result of data breaches in both Dropbox and LinkedIn!
The really scary thing is these particular data breaches happened waaaayyyy back in 2012/13 and the hackers sat on the data before trading it online 4 years later.
That means hackers could be sitting on more of your data without you being able to tell, because they haven’t tried to trade it yet.
So what to do?
Well, if you haven’t already, it might be worth shooting over to ‘Have I Been Pwned?’ and seeing if any of your data is already out there.
But the BIG lesson has to be,
DON’T USE THE SAME PASSWORD FOR ALL YOUR ACCOUNTS!!!!!
And you can get back to doing what you do ......