Target. eBay. Home Depot. What do these marketplaces have in common? Some might say they’ve all been totally “pwned.”
To those not savvy to hacker culture, to “pwn” means to compromise or take control, which means all of these businesses have experienced highly publicized data breaches in the past, sending customers into a panic about whether their private information had been stolen.
Have you ever wondered if you were among the millions upon millions of victims whose information had been compromised in the past? A new website is making it much easier to find out: haveibeenpwned.com.
Founded by Microsoft Regional Director Troy Hunt, Have I Been Pwned? aggregates data from publicly leaked breaches and makes it readily searchable. All you have to do is enter your email address or username in question, hit enter and it can tell you if you have used that account on a site that has fallen victim to a breach.
In the unfortunate event that your data may have been breached, the site will then list any services or pages where you have entered that data. It also will help you review the types of data that were compromised -- such as email addresses, passwords and credit cards -- and suggests steps to take for appropriate action.
Have I Been Pwned? also notifies you if your data may have been pasted to a publicly facing website designed to share content, meaning it has been posted in a thread somewhere where hackers can easily steal your information.
“I created Have I Been Pwned? as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or ‘pwned’ in a data breach,” explains Hunt on the site. “I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community.”
Still a little confused? You’re not alone, that’s why Hunt offers a FAQ page on the site.
“Data breaches are rampant and many people don't appreciate the scale or frequency with which they occur,” Hunt writes. “By aggregating the data here, I hope that it not only helps victims learn of compromises of their accounts but also highlights the severity of the risks of online attacks on today's Internet.”
To verify the legitimacy of Have I Been Pwned?, we talked with KVUE’s in-house tech expert System Administrator Tracy Davis.
“Haveibeenpwned.com is a good resource to find out if your email address has been exposed as a result of any of the numerous website breaches that have been reported over the last several years,” he said. “The site is run by a Microsoft Regional Director and MVP who has years of experience in the IT security field.”
For a history of data breaches and other business who have experienced compromised data, click here.
Be safe out there, and try not to get pwned!