Useful site to tell is an email is part of a data breach

[Randomal]

Troy hunt has released v2 of his very useful website Have I been pwned. What this does is to Check if you have an email account that has been compromised in a data breach?

https://haveibeenpwned.com/

 

[Diggs]

Hmm... I can't come up with one of my 6 email addresses that haven't been pwnd. D&B, Dropbox, Discuss, etc. All have had breaches. I'm not sure what good this site is actually. Data breaches are ubiquitous these days.

 

[fencepost]

What I'd really need is something that let me check if a domain had any addresses compromised, but that would be too useful for attackers.

I suppose I could put together something to use the API and check a list of all client email addresses. Checking mine would be less useful, since I generally use unique addresses per site for most things.

 

[mraikes]

Hmm... I can't come up with one of my 6 email addresses that haven't been pwnd. D&B, Dropbox, Discuss, etc. All have had breaches. I'm not sure what good this site is actually. Data breaches are ubiquitous these days.

^^ Definitely this. There's little value in knowing that one or more of my email addresses was part of a breach. I hate to be so jaded, but really so what? Shoot, I know any given email address I use will be harvested, sold, or used by a "Valued Partner!" in accordance with some 43 page privacy agreement that was imposed upon me.

For quite a few years, I too have used unique addresses for almost everything. And it's very common for those addresses to eventually come back to me from someone who is NOT who I originally provided the address to. I speculate that some companies might work to keep my info private for a little while - perhaps as long as I'm an active customer. But if I stop being a customer they squeeze one last fraction of a cent out of selling my info to someone else.

Interestingly, in the 8-9 years I've been hanging out here, I don't think my TN email address has ever popped up from someone else. Way to go Bryce!

 

[HankArnold]

^^ Definitely this. There's little value in knowing that one or more of my email addresses was part of a breach. I hate to be so jaded, but really so what? Shoot, I know any given email address I use will be harvested, sold, or used by a "Valued Partner!" in accordance with some 43 page privacy agreement that was imposed upon me.

I tend to agree. Actually, of the 4 addresses I've used two (current ones) were reported as "not pwned". I was a bit surprised. I tell everyone of my friends that they must assume that all thee personal data is "out there" somewhere and that they need to put protections in place and practice "cafe computing".