Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Privacy The Internet

DataBreach.com Emerges As Alternative To HaveIBeenPwned (pcmag.com) 21

An anonymous reader quotes a report from PCMag: Have I Been Pwned has long been one of the most useful ways to learn if your personal information was exposed in a hack. But a new site offers its own powerful tool to help you check if your data has been leaked to cybercriminals. DataBreach.com is the work of a New Jersey company called Atlas Privacy, which helps consumers remove their personal information from data brokers and people search websites. On Wednesday, the company told us it had launched DataBreach.com as an alternative to Have I Been Pwned, which is mainly searchable via the user's email address. DataBreach.com is designed to do that and more. In addition to your email address, the site features an advanced search function to see whether your full name, physical address, phone number, Social Security number, IP address, or username are in Atlas Privacy's extensive library of recorded breaches. More categories will also be added over time.

Atlas Privacy has been offering its paid services to customers, such as police officers and celebrities, to protect bad actors from learning their addresses or phone numbers. In doing so, the company has also amassed over 17.5 billion records from the numerous stolen databases circulating on the internet, including in cybercriminal forums. As a public service, Atlas is now using its growing repository of stolen records to create a breach notification site, free of charge. DataBreach.com builds off Atlas's effort in August to host a site notifying users whether their Social Security number and other personal information were leaked in the National Public Data hack. Importantly, Atlas designed DataBreach.com to prevent it from storing or collecting any sensitive user information typed into the site. Instead, the site will fetch a hash from Atlas' servers, or a fingerprint of the user's personal information -- whether it be an email address, name, or SSN -- and compare it to whatever the user is searching for. "The comparison will be done locally," meaning it'll occur on the user's PC or phone, rather than Atlas's internet server, de Saint Meloir said.

This discussion has been archived. No new comments can be posted.

DataBreach.com Emerges As Alternative To HaveIBeenPwned

Comments Filter:
  • by sinkskinkshrieks ( 6952954 ) on Thursday November 07, 2024 @06:35AM (#64927325)
    PC Mag paid content blogging can take a hike.
  • I know that these databases are out there for anyone to find on bittorrent, but it's pretty ludicrous that they just put that search for any email address out there without confirming that it's your address. This is way too easy to get that info.

    • by AvitarX ( 172628 )

      I just checked my phone number.

      It lists the breaches and the types of data, but I don't see the contents.

      I suppose that the phone number is associated with linkedin and Facebook is something, but doesn't really seem like a privacy breach to me.

    • by Anonymous Coward
      That's like saying it's ludicrous that google lets you search for a name without confirming you're that person. Or that it's ludicrous a phone book lets you look up phone numbers and physical addresses without confirming they belong to you. Or actually this isn't even as bad as those because these databases don't actually give you the compromised info, they just let you know it's out there. A malicious person can just open the leaked data and Ctrl+F your email address, these databases don't make anything ea
      • by Njovich ( 553857 )

        Google or the phone book don't show this data though? Like if Google showed that I have an account at some website I would find it ludicrous as well, but Gogole at least allows easy removal. Phone books allow easy removal as well.

  • Here me out for a moment -

    Clearly the provinence behind HaveIBeenPwned is much better than this commercial shenanigan — However having some manner of redundancy for something as important as HaveIBeenPwned.com is useful. Presently HaveIBeenPwned's bus-factor is only 1 (IIRC) ( https://en.wikipedia.org/wiki/... [wikipedia.org] ).

  • Aggregating this data provides a very convenient resource for hackers. I sure hope their security department is on the ball.

    • Are you new to this?

      It sounds like you're new to this. And hilariously ignorant.

      Next up, explain how social media should do age verification. It's my favorite!

    • by Shag ( 3737 )

      Yeah, whats the Vegas line on how soon we see "DataBreach.com breached" in the news?

  • by awwshit ( 6214476 ) on Thursday November 07, 2024 @11:53AM (#64927903)

    Its not a honeypot, pinky swear. Just go ahead and start entering your personal information, no worries. Better check if your password has been cracked, enter it here.

  • Assume your data has been leaked.

    If you put it on the internet, it has been leaked. Live life accordingly.

  • I tried a few of my old e-mail addresses that no longer work.
    • One very old one that I know was leaked at least twice around 2000 (but no longer know when and how) was not reported.
    • One was correctly identified as leaked in the 2003 Adobe hack - I knew that already.
    • One that stopped working in 2014 was reported as not leaked. I am, however, about 80% that it was leaked at least once around 2010-2012 (I don't remember the specifics of that, however).
    • One was claimed to be leaked in the 2021 LI scraping, but.

"You're a creature of the night, Michael. Wait'll Mom hears about this." -- from the movie "The Lost Boys"

Working...