Have You Been Pwned?
Tuesday, January 21, 2014 - 01:35 PM
It's has simply become a fact of life now that personal information is going to be compromised by hackers. Both private and public entities are routinely having information stolen because they are either unable or unwilling to properly inoculate against these kinds of attacks. So if you can't rely on third parties to safeguard your data, there should at least be a way to know if it has fallen into the hands of hackers. Now there is.
Have I been pwned is a website that keeps track of all the public releases of user data, and allows you to check your email address against the information that's out there. For me, it was immediately helpful - it told me that I had, in fact, been pwned when Gawker's user account system was hacked a few years ago.
Of course, this website is limited to account data that has been posted publicly. Things like last month's Target hack will not show up here, because that information has not popped up on torrent sites or PasteBin like the Gawker hack did. But sites like this could be a template for companies to roll out a similar system in the future.
Another useful feature I could see being built into a site like this would be some kind of pwnage gradation system, which would let you know just how much or what kind of information about you is floating around out there. But still, this a nice start. Now if you'll excuse me, I have to go change all my passwords.
(h/t Chris[p] Neary)