Troy Hunt’s haveibeenpwned tool has received a significant update, revealing over 70 million new compromised email addresses. The tool enables you to check if your email address has been leaked and associated with stolen data.
haveibeenpwned by Troy Hunt
By entering your email address on haveibeenpwned, you can quickly check if it appears in connection with leaked data. The operator, Troy Hunt, immediately displays the result of your check.
The result reveals tips to enhance your mail account’s security and on which breaches your mail password was exposed. It also allows checking telephone numbers for breaches and searching for stolen passwords. Additionally, you can set up automatic notifications if your email appears in a breach.
Even if your email address doesn’t show up in a data leak, it doesn’t guarantee it hasn’t been hacked or is easy to hack due to a weak password. Conversely, your email address being included in a breach doesn’t necessarily mean it’s being misused.
Troy Hunt, the operator, is a security consultant from Australia and manages a Twitter channel on data leaks on the web.
Tip: How to avoid email stalking and protect your privacy
Although haveibeenpwned can potentially be misused, avoid entering your generally known email address, especially for services requiring discretion. Determine an additional, well-disguised email without any identifying information if necessary. Firefox Monitor also uses haveibeenpwned.
HPI Identity Leak Checker
HPI Identity Leak Checker from the Hasso Plattner Institute for Digital Engineering sends an email to the checked email address rather than displaying the check results directly on the website, thus minimizes misuse. The tool is operated at the University of Potsdam.
Identity Leak Checker of the University of Bonn
Similar to HPI’s checker, the University of Bonn offers a leak checker, where the result of the check is sent to the email address entered, preventing misuse or spying attempts.
How to react correctly
If any of the tools indicate your email’s appearance in data leaks, immediately change your password, including for other services, if applicable. Implement two-factor authentication if supported. Use a password manager and create unique, secure passwords.
Where do the stolen email addresses come from?
Most stolen email addresses result from attacks on company servers where you’ve registered your email. You can’t prevent such attacks, but you can mitigate harms.
This article appeared originally on pcwelt.de and has been translated from German to English.