Another Major Email & Password Breach

Page 1 of 2 12 LastLast
  1.    17 Jan 2019 #1

    Another Major Email & Password Breach


    See https://www.wired.com/story/collecti...nts-passwords/

    Is there any way to find out on which sites your address has been compromised?
      My ComputersSystem Spec

  2.    17 Jan 2019 #2

    Steve C said: View Post
    See https://www.wired.com/story/collecti...nts-passwords/

    Is there any way to find out on which sites your address has been compromised?
    If you enter your email on the site mentioned in the article and scroll down it shows details of which sites were compromised (assuming your email is one of them):
    https://haveibeenpwned.com/

    and just for example:

    https://prnt.sc/m8hgzm

    I don't mind sharing this because I deactivated the compromised account once I knew of the problem.
      My ComputerSystem Spec

  3.    17 Jan 2019 #3

    Steve C said: View Post
    See https://www.wired.com/story/collecti...nts-passwords/

    Is there any way to find out on which sites your address has been compromised?
    Troy Hunt: The 773 Million Record Data Breach

    Whilst I can't tell you precisely what password was against your own record in the breach, I can tell you if any password you're interested in has appeared in previous breaches Pwned Passwords has indexed. If one of yours shows up there, you really want to stop using it on any service you care about.
      My ComputerSystem Spec


  4. Posts : 13
    Windows 10 Home Version 1803
       18 Jan 2019 #4

    So...in order to find out whether I have been 'pwned', I am to enter my email address into a site that I know nothing about called HIBP....
      My ComputerSystem Spec

  5. Cliff S's Avatar
    Posts : 23,224
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       18 Jan 2019 #5

    The site owner can be trusted all the security sites recommend him, and he is a long time Microsoft MVP: Troy Hunt
      My ComputersSystem Spec

  6. Cliff S's Avatar
    Posts : 23,224
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       18 Jan 2019 #6

    Oh and he is a Microsoft Regional Director.
    Troy Hunt: Troy Hunt
      My ComputersSystem Spec

  7. Cliff S's Avatar
    Posts : 23,224
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       18 Jan 2019 #7

      My ComputersSystem Spec


  8. Posts : 554
    Ubuntu 18.04, Windows 10 pro 18.09, win 8.1 pro
       18 Jan 2019 #8

    retexan599 said: View Post
    So...in order to find out whether I have been 'pwned', I am to enter my email address into a site that I know nothing about called HIBP....
    I think this is a interesting question and searched for info in the HIBP site:

    from the site:

    When you search for an email address

    Searching for an email address only ever retrieves the address from storage then returns it in the response, the searched address is never explicitly stored anywhere. See the Logging section below for situations in which it may be implicitly stored.

    Data breaches flagged as sensitive are not returned in public searches, they can only be viewed by using the notification service and verifying ownership of the email address first. Sensitive breaches are also searchable by domain owners who prove they control the domain using the domain search feature. Read about why non-sensitive breaches are publicly searchable.

    Logging

    Only the bare minimum logs required to keep the service operational and combat malicious activity are stored. This includes transient web server logs, logging of unhandled exceptions using Raygun, Google Analytics to assess usage patterns and Application Insights for performance metrics. These logs may include information entered into a form by the user, browser headers such as the user agent string and in some cases, the user's IP address.


    Is my email address saved when searched ? I understand yes it is, albeit the formulation is quite obscure and difficult to understand. Am I wrong?
      My ComputerSystem Spec

  9. Cliff S's Avatar
    Posts : 23,224
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       18 Jan 2019 #9

    roy111 said: View Post
    [/I]Is my email address saved when searched ? I understand yes it is, albeit the formulation is quite obscure and difficult to understand. Am I wrong?
    The site is currently down right now, but The Electronic Frontier Foundation has a tool/site, that shows you just how much information can be gleaned from your browser and browser header.
    Panopticlick

    In addition to tracker blocking, Panopticlick measures the uniqueness of your browser. We anonymously log the following information, and compare it to a database of many other Internet users' configurations that we’ve observed recently:
    The user agent string from each browser
    The HTTP ACCEPT headers sent by the browser
    Screen resolution and color depth
    The Timezone your system is set to
    The browser extensions/plugins, like Quicktime, Flash, Java or Acrobat, that are installed in the browser, and the versions of those plugins
    The fonts installed on the computer, as reported by Flash or Java.
    Whether your browser executes JavaScript scripts
    Yes/no information saying whether the browser accepts various kinds of cookies and "super cookies"
    A hash of the image generated by canvas fingerprinting
    A hash of the image generated by WebGL fingerprinting
    Yes/no whether your browser is sending the Do Not Track header
    Your system platform (e.g. Win32, Linux x86)
    Your system language (e.g. en-US)
    Your browser's touchscreen support
    Then, we generate a uniqueness score — letting you see how easily identifiable you might be as you surf the web. Here’s more information on how this score is derived.
    Panopticlick | About
      My ComputersSystem Spec


  10. Posts : 554
    Ubuntu 18.04, Windows 10 pro 18.09, win 8.1 pro
       18 Jan 2019 #10

    I understand that you say privacy is hard to have nowadays, I can agree with that
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
I have had to change the password for one of my email accounts. I can now access it online but cannot update the password in my Desktop Mail app. The Fix and the Attention needed links no longer offer me the change password option, as they once did....
Using Edge, Mail linked to ATT. (Post written for lpatrick by wife. lpatrick has lost numerous cognitive abilities after suffering a stroke so I am trying to help. lpatrick loves his pc and tablet but things are currently a mess. Our pc was...
Major Data Breach in AntiVirus, Firewalls and System Security
I have just been alerted to this data breach of email addresses and passwords https://www.troyhunt.com/ive-just-added-2844-new-data-breaches-with-80m-records-to-have-i-been-pwned/ I've changed any passwords which may be affected.
Can't change email password in Browsers and Email
Windows 10 automatically attempted to sync my email information when I initially setup my computer. The problem is that is has an incorrect password (I have no idea what it is or where it came from). I've changed the password every way I can think...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:10.
Find Us