Wallet of Satoshi email database leaked
6489 sats \ 30 comments \ @monaco 14 Sep bitcoin
I use one time email addresses for wallet of Satoshi. I have about 5 that were only ever used for that service. Each one is getting spammed with fake PayPal receipts with PDF attachments. Beware.
write
preview
related
423 sats \ 2 replies \ @shyfire 14 Sep
Precisely why I use https://simplelogin.io/ for everything
reply
1 sat \ 1 reply \ @Natalia 15 Sep
me too, but why even link mails to these wallets, seems quite a honeypot.
reply
0 sats \ 0 replies \ @shyfire 15 Sep
For sure. But it could also be innocuous - wallet recovery etc.
reply
401 sats \ 6 replies \ @nullama 14 Sep
https://haveibeenpwned.com is a great way to check
reply
63 sats \ 5 replies \ @0fje0 14 Sep
I've seen this recommendation so many times but have always wondered what's to stop haveibeenpwned from collecting emails themselves.
Am I overthinking this?
reply
10 sats \ 2 replies \ @nullama 14 Sep
Fair enough.
It's a legit website from a legit security researcher, but yeah, you would have to trust it somehow....
Keep in mind that most people give away far more personal information on a daily basis than just a single email anyway.
reply
347 sats \ 1 reply \ @0fje0 14 Sep
Well, at least their privacy policy includes this assurance:
We do not collect or store your personal information when you conduct a search in the HIBP database. Searching for an email address or phone number only ever retrieves the data from storage then returns it in the response. The data from the search is not explicitly stored anywhere.
You still have to trust them, though...
reply
0 sats \ 0 replies \ @TonyGiorgio 14 Sep
Good find, yeah they can only do so much.
reply
10 sats \ 1 reply \ @TonyGiorgio 14 Sep
You're not wrong. I think they do show leaks without needing to input your info. I mean, they already have your email. The thing they don't have is whether or not the email is someone that cares about if they've gotten their email leaked, if that makes sense. And maybe tie it to an IP address too.
reply
0 sats \ 0 replies \ @0fje0 14 Sep
Yeah, it does make sense, thanks!
I've since read their privacy policy and it seems they do address my concern in there. (See my reply to @nullama)
reply
301 sats \ 0 replies \ @Onions 14 Sep
reply
205 sats \ 0 replies \ @ez 14 Sep
big if true, it was always just a matter of time
reply
31 sats \ 2 replies \ @kepford 14 Sep
Pretty sure you don't need to use an email with WoS. Oh course even better is to use a non-custodial wallet like Phoenix, Breez, or Blixt.
reply
471 sats \ 1 reply \ @aoeu 14 Sep
I think you can create a login to ease recovery in case you lose your phone, but otherwise you don’t need a login or email to use it. I have it installed but haven’t had the need to use it yet. If I got any sats there I’d transfer it to when one these non-custodial wallets.
reply
0 sats \ 0 replies \ @kepford 14 Sep
Right, that's what I meant.
reply
31 sats \ 0 replies \ @TheBTCManual 14 Sep
When nostr account creation on WOS?
reply
10 sats \ 1 reply \ @WeAreAllSatoshi 14 Sep
Who hasn’t leaked emails at this point. Just be careful about what you open
reply
10 sats \ 0 replies \ @cryptocoin 14 Sep
My frequency in checking my main email acct is now down to about once every other week. It still takes an hour and a half but that's better done when I can spare the time, rather than ten minutes a day when I really have better things I should be doing.
But even with some spam filtering I am totally disgusted with how totally broken from top to bottom email is.
I don't expect email to go away any time soon but as I personally distance myself further with almost anything email related, the less I care how bad are its flaws are and what impacts others are suffering from dependency on it, -- or their loss of privacy from continued use of it.
reply
31 sats \ 0 replies \ @Hypnagog 14 Sep
Start with custodial wallet of satoshi, then move to non custodial mutiny or phoenix.
reply
10 sats \ 0 replies \ @rhombus 14 Sep
Color me surprised.
reply
10 sats \ 0 replies \ @SimpleStacker 14 Sep
I think the email address I used for that is already super public, so no real loss for me here
reply
21 sats \ 0 replies \ @flix2 15 Sep
First sign that you are using a custodial service: they ask for your e-mail.
reply
1 sat \ 0 replies \ @franzap 15 Sep
And people will still not learn the lesson
reply
1 sat \ 0 replies \ @ryu 15 Sep
Self-custody is the answer.
reply
0 sats \ 0 replies \ @crimsonleaf363 20 Sep
deleted by author
reply
0 sats \ 0 replies \ @Monotone 18 Sep
The best defense is to use disposable email addresses 99% of the time. Simplelogin or Duckduckgo email protection.
reply
0 sats \ 0 replies \ @Radioed1t 17 Sep
Been using wallet of Satoshi and haven't ever gotten spam to my email I made to use it.
reply
0 sats \ 0 replies \ @wikparclones 15 Sep
Wow... 🥵
reply
0 sats \ 0 replies \ @oraltosun 15 Sep
Which one do you prefer instead of WOS?
reply
0 sats \ 0 replies \ @solis 15 Sep
That's crazy, thanks for let us know
reply