HaveIBeenPwned, or HIBP for short, is a useful site to check whether an email has been involved in a known data breach.
It's been running for more than a decade and acts as a repository of data from data-breaches.
For instance, a data breach of half a billion Facebook accounts, (that's 20% of all accounts) seemingly took place before the end of 2019. The breach including the associated phone numbers of all these accounts and, in some cases included other personal details such as date of birth.
When people are aware of a breach and have data from a breach, the data can be uploaded to HIBP anonymously.
If you're not familiar with the word Pwn, as in HaveIBeenPwned,
it means it means 'owned' in Leet Speak. Even Merriam-Webster dictionary added pwn in 2022.
The site mainly is used to let people freely check to see if any of their email addresses has been involved in a data breach. If that's the case, users should normally go back to their breached account and change things like their email address, their password and begin to use two factor authentication (taking care not to rely on SMS 2FA due to the threat of SIM swaps)
But another interesting way to use the site is to look at how much data sites with a common thread have had breaches.
Want to see which Bitcoin related sites have been breached? There's been quite a few of them, as over 8½ million (8,521,915) Bitcoin related accounts were in data breaches:
https://logos.haveibeenpwned.com/BitcoinTalk.png Bitcoin Talk In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.
Breach date: 22 May 2015 Date added to HIBP: 27 March 2017 Compromised accounts: 501,407 Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Passwords, Security questions and answers, Usernames, Website activity Permalink
https://logos.haveibeenpwned.com/BTCE.png BTC-E In October 2014, the Bitcoin exchange BTC-E was hacked and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.
Breach date: 1 October 2014 Date added to HIBP: 12 March 2017 Compromised accounts: 568,340 Compromised data: Account balances, Email addresses, IP addresses, Passwords, Usernames, Website activity Permalink
https://logos.haveibeenpwned.com/BTCAlpha.png BTC-Alpha In November 2021, the crypto exchange platform BTC-Alpha suffered a ransomware attack data breach after which customer data was publicly dumped. The impacted data included 362k email and IP addresses, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
Breach date: 2 November 2021 Date added to HIBP: 27 January 2022 Compromised accounts: 362,426 Compromised data: Email addresses, IP addresses, Passwords, Usernames Permalink
https://logos.haveibeenpwned.com/Coinmama.png Coinmama In August 2017, the crypto coin brokerage service Coinmama suffered a data breach that impacted 479k subscribers. The breach was discovered in February 2019 with exposed data including email addresses, usernames and passwords stored as MD5 WordPress hashes. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.
Breach date: 3 August 2017 Date added to HIBP: 30 August 2019 Compromised accounts: 478,824 Compromised data: Email addresses, Passwords, Usernames Permalink
https://logos.haveibeenpwned.com/Gemini.png Gemini In late 2022, data allegedly taken from the Gemini crypto exchange was posted to a public hacking forum. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to an incident at a third-party vendor (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
Breach date: 13 December 2022 Date added to HIBP: 16 December 2022 Compromised accounts: 5,274,214 Compromised data: Email addresses, Partial phone numbers Permalink
https://logos.haveibeenpwned.com/Ledger.png Ledger In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock.
Breach date: 25 June 2020 Date added to HIBP: 20 December 2020 Compromised accounts: 1,075,241 Compromised data: Email addresses, Names, Phone numbers, Physical addresses Permalink
https://logos.haveibeenpwned.com/AtlasQuantum.png Atlas Quantum In August 2018, the cryptocurrency investment platform Atlas Quantum suffered a data breach. The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.
Breach date: 25 August 2018 Date added to HIBP: 27 August 2018 Compromised accounts: 261,463 Compromised data: Account balances, Email addresses, Names, Phone numbers Permalink
If all of this inspires you to upgrade your security, whether it's not using KYC exchanges, using dedicated email addresses or changing your 2FA from SMS to an Yubikey or authenticator, the website has done it's job.
If you find Troy Hunt's haveibeenpwned resource useful, you can donate Sats to the project at: https://haveibeenpwned.com/Donate
41 sats \ 3 replies \ @gd 11 Jan
I’ve also been getting Swan databreach notifications.
I’ve had no word from Swan on the fact they’ve been hacked, but my details are on the dark web…
reply
Interesting.
Can I ask where you've been getting these notifications from?
reply
21 sats \ 1 reply \ @gd 11 Jan
I have a DarkWeb monitoring service through my password manager. I believe managers like Dashlane, proton pass, last pass provide this service
reply
Sounds awesome. What a great idea!
reply
21 sats \ 1 reply \ @kepford 11 Jan
Mentioning for others that wonder. Bitwarden offers a lookup tool to check your email in known breaches.
reply
Thanks for the info!
reply
It's quite sobering to see that Gemini's 2022 data breach accounts for well over half of the 8½ million total with 5¼ million accounts.
reply