The Australian IT security researcher Troy gets to Hunt currently, so much attention like never before. Hunt operates with Haveibeenpwned.com an online service that you can check whether or not the E-Mail address appears in the known data leaks.
Since he was in mid-January reported that the so-called Collection #1 out of more than 770 million addresses and 21 million passwords in a hacker forum, and in his service, entered discovered, will overrun its Website practically. The visitor numbers increased from six in the seven-figure range – per day.
But Hunt is not the Only one of the Internet users reveals whether or not your E-Mail traded addresses or even passwords anywhere in the network and be distributed to: The Hasso-Plattner-Institute (HPI) in Potsdam has a similar service developed. Since 2014, the private University operates the Identity Leak Checker , short ILC. And at the moment is Hunt a step further than Troy.
From now on, more records, you can scour
Not only consisted of the HPI are located in the data since November, the data in January, as Collection #1. Since today’s Thursday and also the Collections of two to five. The existence of which is open to the public since the 18th century. January, known.
it is much more comprehensive than the first Collection. All of the five together comprise about 2.1 billion different E-Mail addresses. “Of which 750 million were not included previously in the database of our Identity Leak checker”, says Chris Pelchen from the HPI. “We found the Collections in a Forum, which we watch permanently.”
It was a Forum in the open-access network, not in the so-called Darknet. In such forums, great packages from various data leaks are compiled again and again, re-titled and then offered for sale. The Collection #1 is about should cost 45 dollars. Often the packages are deployed but at some point, to free Download – so it was the case with the Collections. Asked whether the HPI would spend money to get data and to expand the Identity Leak Checker, says Pelchen: “we are not doing That. This would help the suppliers.”
please check whether your address is
Who now wants to check whether or not the E-Mail appears address somewhere in the stock of HPI, the corresponding address on this Website. As a result, the ILC will generate a message as shown here to the same address, in tabular form, it is stated, when, in which Leak the address and optionally other data, such as passwords, telephone numbers or credit card numbers were included.
Important two things are:
first the Mail from the HPI does not contain the passwords and other data. In the early days the Institute had published these Details on Demand (according to German Federal data protection act) by E-Mail to arbitrary addresses and was sharply been criticized. Theoretically, then everyone would be able to query the complete data of any people. In the meantime, the Institute has improved. You are told only, whether in addition to the E-Mail address, other data are included in a Leak, and that too only in a Mail to the entered address.
Secondly is meant by password, in this connection, the password to the E-Mail Account. Much more common is the case that a Cloud-, Shopping – or any other service couldn’t protect the access data of its users, and consisting of the E-Mail address and their chosen password. Nevertheless, the HPI is recommended to change the password of both of the affected E-Mail Accounts, the passwords of all other Accounts, which is the address registered.
tips for good passwords, you can find here, when you Generate and Remember passwords can you help a password Manager. Additional security against the Takeover of Accounts by Criminals, the Two-factor authentication, offered by many services. It is also called “confirmed registration” and requires that users use the password a second Element for the application on your device. It may be a via SMS Code received, in a special App-generated Code, or to a special physical security key.
reading tip on the topic of Old data leaks MySpace passwords as a template for hackers
note : In a previous version of this article, it was said that the Collections of two to five together would be 2.1 billion different E-Mail addresses. We have corrected that, meant the collections of one to five.