Wallet of Satoshi email database leaked
6489 sats \ 31 comments \ @monaco 14 Sep 2023 bitcoin
I use one time email addresses for wallet of Satoshi. I have about 5 that were only ever used for that service. Each one is getting spammed with fake PayPal receipts with PDF attachments. Beware.
write
preview
related posts
465 sats \ 2 replies \ @shyfire 14 Sep 2023
Precisely why I use https://simplelogin.io/ for everything
reply
1 sat \ 1 reply \ @Natalia 15 Sep 2023
me too, but why even link mails to these wallets, seems quite a honeypot.
reply
0 sats \ 0 replies \ @shyfire 15 Sep 2023
For sure. But it could also be innocuous - wallet recovery etc.
reply
401 sats \ 6 replies \ @nullama 14 Sep 2023
https://haveibeenpwned.com is a great way to check
reply
63 sats \ 5 replies \ @0fje0 14 Sep 2023
I've seen this recommendation so many times but have always wondered what's to stop haveibeenpwned from collecting emails themselves.
Am I overthinking this?
reply
10 sats \ 1 reply \ @TonyGiorgio 14 Sep 2023
You're not wrong. I think they do show leaks without needing to input your info. I mean, they already have your email. The thing they don't have is whether or not the email is someone that cares about if they've gotten their email leaked, if that makes sense. And maybe tie it to an IP address too.
reply
0 sats \ 0 replies \ @0fje0 14 Sep 2023
Yeah, it does make sense, thanks!
I've since read their privacy policy and it seems they do address my concern in there. (See my reply to @nullama)
reply
10 sats \ 2 replies \ @nullama 14 Sep 2023
Fair enough.
It's a legit website from a legit security researcher, but yeah, you would have to trust it somehow....
Keep in mind that most people give away far more personal information on a daily basis than just a single email anyway.
reply
347 sats \ 1 reply \ @0fje0 14 Sep 2023
Well, at least their privacy policy includes this assurance:
We do not collect or store your personal information when you conduct a search in the HIBP database. Searching for an email address or phone number only ever retrieves the data from storage then returns it in the response. The data from the search is not explicitly stored anywhere.
You still have to trust them, though...
reply
0 sats \ 0 replies \ @TonyGiorgio 14 Sep 2023
Good find, yeah they can only do so much.
reply
301 sats \ 0 replies \ @Zepasta 14 Sep 2023
deleted by author
reply
205 sats \ 0 replies \ @ez 14 Sep 2023
big if true, it was always just a matter of time
reply
31 sats \ 2 replies \ @kepford 14 Sep 2023
Pretty sure you don't need to use an email with WoS. Oh course even better is to use a non-custodial wallet like Phoenix, Breez, or Blixt.
reply
471 sats \ 1 reply \ @aoeu 14 Sep 2023
I think you can create a login to ease recovery in case you lose your phone, but otherwise you don’t need a login or email to use it. I have it installed but haven’t had the need to use it yet. If I got any sats there I’d transfer it to when one these non-custodial wallets.
reply
0 sats \ 0 replies \ @kepford 14 Sep 2023
Right, that's what I meant.
reply
31 sats \ 0 replies \ @TheBTCManual 14 Sep 2023
When nostr account creation on WOS?
reply
31 sats \ 0 replies \ @Hypnagog 14 Sep 2023
Start with custodial wallet of satoshi, then move to non custodial mutiny or phoenix.
reply
10 sats \ 0 replies \ @rhombus 14 Sep 2023
Color me surprised.
reply
10 sats \ 0 replies \ @SimpleStacker 14 Sep 2023
I think the email address I used for that is already super public, so no real loss for me here
reply
10 sats \ 1 reply \ @WeAreAllSatoshi 14 Sep 2023
Who hasn’t leaked emails at this point. Just be careful about what you open
reply
10 sats \ 0 replies \ @cryptocoin 14 Sep 2023
My frequency in checking my main email acct is now down to about once every other week. It still takes an hour and a half but that's better done when I can spare the time, rather than ten minutes a day when I really have better things I should be doing.
But even with some spam filtering I am totally disgusted with how totally broken from top to bottom email is.
I don't expect email to go away any time soon but as I personally distance myself further with almost anything email related, the less I care how bad are its flaws are and what impacts others are suffering from dependency on it, -- or their loss of privacy from continued use of it.
reply
21 sats \ 0 replies \ @flix2 15 Sep 2023
First sign that you are using a custodial service: they ask for your e-mail.
reply
1 sat \ 0 replies \ @franzap 15 Sep 2023
And people will still not learn the lesson
reply
1 sat \ 0 replies \ @ryu 15 Sep 2023
Self-custody is the answer.
reply
0 sats \ 0 replies \ @nullama 26 Feb
deleted by author
reply
0 sats \ 0 replies \ @crimsonleaf363 20 Sep 2023
deleted by author
reply
0 sats \ 0 replies \ @Monotone 18 Sep 2023
The best defense is to use disposable email addresses 99% of the time. Simplelogin or Duckduckgo email protection.
reply
0 sats \ 0 replies \ @Radioed1t 17 Sep 2023
Been using wallet of Satoshi and haven't ever gotten spam to my email I made to use it.
reply
0 sats \ 0 replies \ @wikparclones 15 Sep 2023
Wow... 🥵
reply
0 sats \ 0 replies \ @oraltosun 15 Sep 2023
Which one do you prefer instead of WOS?
reply
0 sats \ 0 replies \ @PRA3S3NT1A 15 Sep 2023
That's crazy, thanks for let us know
reply