Digitale Identität schützen – Warum clevere Automatisierung immer wichtiger wird
#Gastartikel #Datenleck #digitaleIdentität #digitalesAbbild #haveibeenpwned #IdentityLeakChecker #MozillaMonitor https://sc.tarnkappe.info/e9e9f4
Apple, Google, GitHub and "more". Megaleak. Doing the #haveibeenpwned shuffle.
https://www.europesays.com/uk/204543/ 16 million passwords leaked on Internet: How to check if your Facebook, Instagram, Gmail password leaked #16MillionPasswordsLeaked #CheckIfYourPasswordIsCompromised #DataBreach #GooglePasswordCheckup #HaveIBeenPwned #Internet #PasswordSecurityTips #Technology #TwoFactorAuthentication #UK #UnitedKingdom
Have I Been Pwned unveils Major Redesign with Confetti Celebration & Unified Dashboard.
The updated interface still highlights a prominent search box for users to check if their email addresses have appeared in a data breach, but after entering an email address, the response experience now shifts: when no breaches are found, users are greeted by a celebratory confetti animation.
![[ScreenShot: haveibeenpwned.com]
Additionally, the domain search tool has received upgrades with improved filters, streamlined verified domain lists and improved summaries. Ownership verification has also been refined, supporting more targeted domain breach checks.](https://nerdculture.de/system/media_attachments/files/114/658/965/275/246/404/original/f68b1128a348f056.jpeg "[ScreenShot: haveibeenpwned.com]
Additionally, the domain search tool has received upgrades with improved filters, streamlined verified domain lists and improved summaries. Ownership verification has also been refined, supporting more targeted domain breach checks.")
@EllyvA : precies. Ook ik ben mens en dus maak ook fouten en doe onverstandige/risicovolle dingen; ik ben als de dood dat ik een keer ergens intrap.
Ik hoop dat ik dan net zo dapper ben als Charlotte Cowles (https://www.thecut.com/article/amazon-scam-call-ftc-arrest-warrants.html - m.i. zeer lezenswaardig) en Troy Hunt (*) in https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/.
In https://www.security.nl/posting/840236/Veilig+inloggen leg ik uit hoe je het veiligste kunt inloggen (dit helpt niet tegen foute sites waarop je nog geen account hebt).
Aanvulling verderop in die pagina (directe link: https://security.nl/posting/876137): zet altijd "Waarschuwen voor onveilige verbindingen" aan als jouw browser dat ondersteunt (met screenshots voor Safari op iPhone/iPad: https://infosec.exchange/@ErikvanStraten/113946883735914839).
(*) Troy Hunt is beheerder van https://haveibeenpwned.com/About
Passiert auch Profis: Gründer von #HaveIBeenPwned fällt auf #Phishing-Mail rein
#TroyHunt fell for a #phishing attack on his mailinglist members: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Some of the ingredients: #Outlook and its habit of hiding important information from the user and missing #2FA which is phishing-resistant.
Use #FIDO2 with hardware tokens if possible (#Passkeys without FIDO2 HW tokens are NOT phishing-resistant due to the possibility of being able to trick users with credential transfers: https://arxiv.org/abs/2501.07380) and avoid Outlook (or #Microsoft) whenever possible.
Further learning: it could happen to the best of us! Don't be ashamed, try to minimize risks and be open about your mistakes.
Note: any 2FA is better than no 2FA at all.
“Infosec veteran Troy Hunt of #HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his #Mailchimp mailing list.
He said the list comprises around 16,000 records and every active #subscriber will be receiving a notification and apology #email soon. …
Around half of these records (7,535), however, pertain to individuals who had #unsubscribed from the list”
#InfoSec / <https://theregister.com/2025/03/25/troy_hunt_mailchimp_phish/>
Für alle #Datenschutz-Nerds da draußen! Schönes Projekt des #Landgerichts #Lübeck: ein kompletter Überblick über die Rechtsprechung der für #Masseverfahren nach #DSGVO zuständigen Spezialkammer gebündelt auf einer Seite: Von #haveibeenpwned über #scraping und #BusinessTools bis #Schufa
#Datenleck-Such-Website #HaveIBeenPwned um 284 Millionen Accounts aufgestockt | Security https://www.heise.de/news/Datenleck-Such-Website-Have-I-Been-Pwned-um-284-Millionen-Accounts-aufgestockt-10296120.html #DataLeak #Datenschutz #privacy #HIBP
Massive Data Leak Alert! - #HaveIBeenPwned (HIBP) adds "ALIEN TXTBASE"—280M emails and passwords from infostealer malware now exposed. Check if you're affected! 
Read: https://hackread.com/have-i-been-pwned-alien-txtbase-data-emails-passwords/
Neues Datenleck bei Have I Been Pwned: 284 Millionen Zugangsdaten hinzugefügt
#Cyberangriffe #Datenschutz #Datenleck #haveibeenpwned #Infostealer #Leak https://sc.tarnkappe.info/d649aa
I'm "one of 28,445,106 people pwned in the French Citizens data breach".
I've been to the Paris airport once, but I'd hardly call myself French.
Breach info (per https://haveibeenpwned.com/):
Breach: French Citizens
Date of breach: 25 Sep 2024
Number of accounts: 28,445,106
Compromised data: Device information, Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses
Description: In September 2024, over 90M rows of data on French Citizens was found left exposed in a publicly facing database. Compiled from various data breaches, the corpus contained 28M unique email addresses with the various source breaches each exposing different fields including name, physical and IP address, phone number and partial credit card data including payment type and last 4 digits.
Spotify wrapped is nice, but what I'd really love to see is @haveibeenpwned wrapped. #haveibeenpwned
DataBreach.com Emerges as Alternative to #HaveIBeenPwned | PCMag
The site comes from #AtlasPrivacy, which has compiled information on data #breaches to help victims learn if they're affected.
#databreach #privacy
https://www.pcmag.com/news/databreachcom-emerges-as-alternative-to-haveibeenpwned
#haveibeenpwned makes advertisement for a #cloud-based #password manager service. 
Meanwhile, while @haveibeenpwned recommends you "Protect yourself with strong, unique passwords for each website with the 1Password password manager", they forget to recommend that you change your password on #InternetArchive and everywhere else where you might be using that same password.
Don't get me wrong. I love #haveibeenpwned and I think it does a great job doing what it does, but these emails should be improved.
@haveibeenpwned recommends using 1Password as a password manager, which is not bad per se, but why 1Password in particular? Are they a sponsor?
Also, they recommend storing the 2nd factor authentication codes in 1Password. Now, I don't know how 1Password works, but storing both factors in the same product doesn't sound like very good advice.
Phew, got my first notification from haveibeenpwned.com today, apparently the Internet archive (which also hosts openlibrary.org where I had a registered account) was breached.
If you have an account on #InternetArchive, #WaybackMachine or #OpenLibrary, make sure to take necessary steps.
♬ 
🅻🅸🅲🅴 (
) 
(D.Burch) 
