HaveIBeenPwned, or HIBP for short, is a useful site to check whether an email has been involved in a known data breach.
It's been running for more than a decade and acts as a repository of data from data breaches.
For instance, a data breach of half a billion Facebook accounts (that's 20% of all accounts) seemingly took place before the end of 2019. The breach included the associated phone numbers of all these accounts and, in some cases, other personal details such as date of birth.
When people are aware of a breach and have data from a breach, the data can be uploaded to HIBP anonymously.
If you're not familiar with the word Pwn, as in HaveIBeenPwned, it means 'owned' in Leet Speak. Even the Merriam-Webster dictionary added pwn in 2022.
The site is mainly used to let people freely check whether any of their email addresses have been involved in a data breach. If that's the case, users should normally go back to their breached account and change things like their email address and their password, and begin to use two-factor authentication (taking care not to rely on SMS 2FA due to the threat of SIM swaps).
But another interesting way to use the site is to look at how much data has been breached from sites with a common thread.
Want to see which Bitcoin-related sites have been breached? There have been quite a few of them, as over 8½ million (8,521,915) Bitcoin-related accounts were in data breaches:
Bitcoin Talk
In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.
Breach date: 22 May 2015
Date added to HIBP: 27 March 2017
Compromised accounts: 501,407
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Passwords, Security questions and answers, Usernames, Website activity
BTC-E
In October 2014, the Bitcoin exchange BTC-E was hacked and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.
Breach date: 1 October 2014
Date added to HIBP: 12 March 2017
Compromised accounts: 568,340
Compromised data: Account balances, Email addresses, IP addresses, Passwords, Usernames, Website activity
BTC-Alpha
In November 2021, the crypto exchange platform BTC-Alpha suffered a ransomware attack data breach after which customer data was publicly dumped. The impacted data included 362k email and IP addresses, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
Breach date: 2 November 2021
Date added to HIBP: 27 January 2022
Compromised accounts: 362,426
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Coinmama
In August 2017, the crypto coin brokerage service Coinmama suffered a data breach that impacted 479k subscribers. The breach was discovered in February 2019 with exposed data including email addresses, usernames and passwords stored as MD5 WordPress hashes. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.
Breach date: 3 August 2017
Date added to HIBP: 30 August 2019
Compromised accounts: 478,824
Compromised data: Email addresses, Passwords, Usernames
Gemini
In late 2022, data allegedly taken from the Gemini crypto exchange was posted to a public hacking forum. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to an incident at a third-party vendor (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
Breach date: 13 December 2022
Date added to HIBP: 16 December 2022
Compromised accounts: 5,274,214
Compromised data: Email addresses, Partial phone numbers
Ledger
In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock.
Breach date: 25 June 2020
Date added to HIBP: 20 December 2020
Compromised accounts: 1,075,241
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
Atlas Quantum
In August 2018, the cryptocurrency investment platform Atlas Quantum suffered a data breach. The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.
Breach date: 25 August 2018
Date added to HIBP: 27 August 2018
Compromised accounts: 261,463
Compromised data: Account balances, Email addresses, Names, Phone numbers
If all of this inspires you to upgrade your security, whether it's not using KYC exchanges, using dedicated email addresses or changing your 2FA from SMS to a YubiKey or authenticator, the website has done its job.
If you find Troy Hunt's haveibeenpwned resource useful, you can donate Sats to the project at:
https://haveibeenpwned.com/Donate