Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Privacy The Almighty Buck The Internet

The Biggest Data Breach Archive On the Internet Is For Sale (vice.com) 54

Troy Hunt, the owner and founder of the well-known and respected data breach notification website "Have I Been Pwned," announced today that he's actively looking for a buyer.

"To date, every line of code, every configuration and every breached record has been handled by me alone. There is no 'HIBP team,' there's one guy keeping the whole thing afloat," Hunt wrote. "It's time for HIBP to grow up. It's time to go from that one guy doing what he can in his available time to a better-resourced and better-funded structure that's able to do way more than what I ever could on my own." Motherboard reports: Over the years, Have I Been Pwned has become the repository for data breaches on the internet, a place where users can search for their email address and see whether they have been part of a data breach. It's now also a service where people can sign up to get notified whenever their accounts get breached. It's perhaps the most useful, free, cybersecurity service in the world. Hunt said he's already had informal conversations with some organizations that might be interested in buying the service. Hunt said he's engaged the financial consulting firm KPMG to look for a buyer.

In the post, Hunt shared some staggering numbers that explain just how big Have I Been Pwned has become: 8 billion breached records, nearly 3 million people subscribed to notifications, who have been emailed about a breach 7 million times, 150,000 unique visitors to the site on a normal day, 10 million on an abnormal day. Regardless of who buys the site, Hunt made a series of commitments on the future of Have I Been Pwned: searches should remain free for consumers, the platform should expand and grow, and, finally, he wants to stay involved in some capacity.

This discussion has been archived. No new comments can be posted.

The Biggest Data Breach Archive On the Internet Is For Sale

Comments Filter:
  • by Anonymous Coward

    But only very few I would trust. I would never submit my email address to any site owned by Google, Facebook or Microsoft for example.

    Mozilla would probably be the best choice.

    • by AmiMoJo ( 196126 )

      I wonder if there are privacy implications. The databases likely contain a lot of personal information. Real names, DoB, email addresses etc.

      Not sure what the laws are in Australia, but there are GDPR implications here.

    • My least favorite security company choice would be Symantec, so many bad things, so many bad things.
  • by Kernel Kurtz ( 182424 ) on Tuesday June 11, 2019 @05:03PM (#58747106)

    That the important point the founder brought to the table. Tons of companies will happily buy this for its perceived commercial value, and it will be sketchy forever after.

    • by AmiMoJo ( 196126 )

      Hopefully Troy will only sell to someone reputable. Google uses the database, as well as a number of other security focused companies.

      The only issue I can see is GDPR compliance. Any big company will be affected by GDPR and the leaked data likely contains PI.

  • Commitments, hey (Score:5, Interesting)

    by martinX ( 672498 ) on Tuesday June 11, 2019 @06:08PM (#58747374)

    1. The buyer will squeeze him out within 6 months. 12 tops.
    2. The buyer will start making deals with companies that have suffered breaches to keep their breach quiet. For a while. For a fee.
    3. The platform will stagnate.

    • by Anonymous Coward

      exactly this! he went and talked to M&A people at KPMG, of course they are going to sell him on the idea that his commitments will actually mean something after what he hopes is a merger between his company and some other company. His commitments mean squat if its an acquisition and they dont really hold up in the case of a merger either as a more powerful entity that he is merging with can easily squeeze him out if they feel like his presence is standing in the way of more profits.

      Pay attention people,

  • by grilled-cheese ( 889107 ) on Tuesday June 11, 2019 @10:23PM (#58748196)
    It's a testament to his ability to keep it alive and thriving by himself this long at that scale for something this important.
    • by AmiMoJo ( 196126 )

      I'm surprised he couldn't find anyone to pay him. Lots of companies use his database, e.g. Lastpass and Google both use it to warn against using leaked passwords. Surely between them they could throw him a few bucks, enough to hire someone to manage the system.

  • by Fusen ( 841730 ) on Wednesday June 12, 2019 @06:14AM (#58749056)

    Unfortunately when money starts to get involved things go down hill.

    If someone buys this then they are going to realistically want some sort of return on the investment and when they want money back then the end user will start to lose things.

    You can argue that someone has to pay for these things and nothing in life is free but it's simply the case that as soon as people view something as a way to make money then users suffer.

  • This sounds like a job for Mozilla. Considering they're already using the list..

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...