Posts filtered by tags: Troy Hunt[x]


Here’s how to tell if your Facebook account was one of the half billion that were breached

By Jordan Valinsky | CNN Business Over the weekend, cybersecurity experts revealed that about half a billion Facebook users’ personal information was breached — a treasure trove of data the includes full names, birthdays, phone numbers and their location. Facebook said that massive leak stems from an issue in 2019, which has since been fixed. Still, there’s no clawing back that data. More than 30 million accounts in the United States were affected and the company isn’t making it easy to find ou...
Tags: Facebook, Business, Technology, News, California News, Sport, Cnn, Soccer, United States, Troy Hunt, National News, Donie O Sullivan, Cable News Network Inc, Jordan Valinsky, WarnerMedia Company

Answers being sought from Facebook over latest data breach

Facebook’s lead data protection regulator in the European Union is seeking answers from the tech giant over a major data breach reported on over the weekend. The breach was reported on by Business Insider on Saturday which said personal data (including email addresses and mobile phone numbers) of more than 500M Facebook accounts had been posted to a low level hacking forum — making the personal information on hundreds of millions of Facebook users’ accounts freely available. “The exposed data in...
Tags: TC, Facebook, UK, US, Social Media, Tech, Eu, European Union, Data Breach, United Kingdom, Data Security, Computer Security, Business Insider, Zuckerberg, Gdpr, Hunt

How to find out in 10 seconds whether your phone number was leaked in the giant Facebook breach that exposed the data of 533 million users

Facebook CEO Mark Zuckerberg. REUTERS/Yuri Gripas The data of 533 million Facebook users was leaked to a hacker forum last week. The leak included users' phone numbers. The website "Have I been pwned" added an update so people can find out if their phone number was leaked. See more stories on Insider's business page. Online security website "Have I been pwned" has launched a new feature to let users quickly find out whether their phone number was leaked in a giant Facebook data bre...
Tags: Google, Facebook, Mark Zuckerberg, Phone Number, US, Trends, Data, Cybersecurity, Leak, Breach, Hunt, Troy Hunt, Tech Insider, Yuri Gripas, Have I Been Pwned, Isobel Asher Hamilton

Facebook Data for Over 535 Million Users Leaked on Hacker Website

The personal details of more than 553 million Facebook users have been published on a website for hackers, according to multiple reports over the weekend. The details appeared on Saturday, according to Business Insider, and are also available in 106 different country-based packages, included 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. In a statement, Facebook said the data was from a breach of its servers that had occurred in 2019 a...
Tags: Security, Facebook, Mark Zuckerberg, UK, India, US, Cto, Troy Hunt, Facebook Data, Dave Walker, Hudson Rock, Alon Gal

How to find out in 2 easy steps if your data was exposed in an online breach

Diana Grytsku/Shutterstock Diana Grytsku/Shutterstock Check if your email account or password is compromised in two easy steps on Billions of online records have been exposed in the past decade through breaches, hacks, or leaks. See more stories on Insider's business page. A website called "Have I been pwned" can help internet users determine if their data has been exposed in an online breach. Maintained by security analyst Troy Hunt, the database on haveibeenpwned...
Tags: Facebook, News, Trends, Data Breach, Password, Personal Data, Troy Hunt, Tech Insider, Email Address, Natasha Dailey

How to find out if your data was exposed in an online breach - and how to protect yourself

Associated Press Companies and government organizations are regularly breached, exposing people's personal data. Hackers buy and sell breached data in order to impersonate people or carry out scams. Here's how you can find out if your data has been leaked online and protect yourself. See more stories on Insider's business page. More records are stored online than ever - and it's becoming increasingly common for large swaths of personal data to fall into the hands of cyberc...
Tags: Facebook, News, Privacy, Trends, Tech, Cybersecurity, Hacks, Troy Hunt, Tech Insider, Aaron Holmes, Associated Press Companies

Animal Jam was hacked, and data stolen. Here’s what parents need to know

WildWorks, the gaming company that makes the popular kids game Animal Jam, has confirmed a data breach. Animal Jam is one of the most popular games for kids, ranking in the top five games in the 9-11 age category in Apple’s App Store in the U.S., according to data provided by App Annie. But while no data breach is ever good news, WildWorks has been more forthcoming about the incident than most companies would be, making it easier for parents to protect both their information and their kids’ data...
Tags: Security, Gaming, Articles, Tech, Data Breach, Fbi, United States, Security Breaches, Password Manager, Player, Data Security, Computer Security, Jam, Troy Hunt, Animal Jam, Have I Been Pwned

Grindr hack let anyone steal email login tokens

Security researcher Troy Hunt reports on a security flaw that let attackers change the email address of Grindr accounts. All you had to do was know the account's current email address and trigger a password reset: the secret login URL was sent to the browser too, hidden in the code of the "check your email!" — Read the rest
Tags: Security, Post, News, Mistakes, Grindr, Troy Hunt

A security flaw in Grindr let anyone easily hijack user accounts

Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address. Wassime Bouimadaghene, a French security researcher, found the vulnerability and reported the issue to Grindr. When he didn’t hear back, Bouimadaghene shared details of the vulnerability with security expert Troy Hunt to help. The vulnerability was fixed...
Tags: Security, Apps, US, Los Angeles, Tech, Software, Beijing, United States, Password, Grindr, Signal, Hunt, Troy Hunt, Scott Helme, Rick Marini, Beijing Kunlun

Have I Been Pwned to go open source – 10bn credentials, not so much, says creator Hunt

Heavy burden for one valiant man to carry, and it needs sharing Credential breach website Have I Been Pwned (HIBP) will be going open source, site creator and maintainer Troy Hunt has told the world.…
Tags: Software, Hunt, Troy Hunt

Security Researcher Troy Hunt is Open Sourcing the Have I Been Pwned Code Base

Security researcher Troy Hunt: Let me just cut straight to it: I'm going to open source the Have I Been Pwned code base. The decision has been a while coming and it took a failed M&A process to get here, but the code will be turned over to the public for the betterment of the project and frankly, for the betterment of everyone who uses it. Let me explain why and how. Read more of this story at Slashdot.
Tags: Tech, Troy Hunt

Dunzo breach affected over 3.4 million accounts; location data, last login details compromised as well

The security breach that delivery service Dunzo disclosed earlier this month affected at least 3,465,259 accounts, data provided to security researcher Troy Hunt by Dehashed shows. In an update to Dunzo’s blog post on the breach, the company’s CTO Mukund Jha said that users’ last known location was also compromised. The number of accounts affected is roughly seven times higher than the number of monthly transacting users Dunzo had last October. While disclosing the breach earlier, the company ha...
Tags: Travel, News, Cybersecurity, Data Breach, Troy Hunt, Jha, Dunzo, CTO Mukund Jha

Interview with Troy Hunt, founder and sole employee of Have I Been Pwned, on his reluctance to retain breached data, future revenue streams, being pwned himself (Zack Whittaker/TechCrunch) (techmeme)

Zack Whittaker / TechCrunch: Interview with Troy Hunt, founder and sole employee of Have I Been Pwned, on his reluctance to retain breached data, future revenue streams, being pwned himself  —  When Troy Hunt launched Have I Been Pwned in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach?
Tags: News, Troy Hunt, Zack Whittaker

How Have I Been Pwned became the keeper of the internet’s biggest data breaches

When Troy Hunt launched Have I Been Pwned in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach? Seven years later, the data-breach notification service processes thousands of requests each day from users who check to see if their data was compromised — or pwned with a hard ‘p’ — by the hundreds of data breaches in its database, including some of the largest breaches in history. As it’s grown, now sitting just below the 10 billion breached-records mark, ...
Tags: Security, Startups, Microsoft, Privacy, Yahoo, Australia, Washington, Government, Tech, Data Breach, Information Technology, Internet Security, Password, Mozilla, Computing, Sony

Decrypted: iOS 13.5 jailbreak, FBI slams Apple, VCs talk cybersecurity

It was a busy week in security. Newly released documents shown exclusively to TechCrunch show that U.S. immigration authorities used a controversial cell phone snooping technology known as a “stingray” hundreds of times in the past three years. Also, if you haven’t updated your Android phone in a while, now would be a good time to check. That’s because a brand-new security vulnerability was found — and patched. The bug, if exploited, could let a malicious app trick a user into thinking they’re u...
Tags: Iphone, Apple, Android, Security, Startups, Mobile, Privacy, Tech, Cisco, Smartphones, Data Breach, Encryption, Cryptography, Fbi, Cybercrime, Dark Web

George Floyd: Anonymous Hackers Reemerge Amid US Unrest

An anonymous reader quotes a report from the BBC: As the United States deals with widespread civil unrest across dozens of cities, "hacktivist" group Anonymous has returned from the shadows. The hacker collective was once a regular fixture in the news, targeting those it accused of injustice with cyber-attacks. After years of relative quiet, it appears to have re-emerged in the wake of violent protests in Minneapolis over the death of George Floyd, promising to expose the "many crimes" of the ci...
Tags: Minneapolis, Tech, Bbc, United States, United Nations, Trump, Floyd, Troy Hunt, George Floyd

Mystery Data Breach Dubbed 'db8151dd' Exposes Records of 22 Million People

An anonymous reader quotes a report from 9to5Mac: A massive data breach dubbed db8151dd has exposed the records of 22M people -- including addresses, phone numbers, and social media links. But the source of the data is a mystery. I got an email alert this morning from the site telling me that my details were included. The exposed data appears extensive: "Email addresses, Job titles, Names, Phone numbers, Physical addresses, Social media profiles." However, Troy Hunt, who runs ...
Tags: Tech, Devon, Vancouver, Hunt, Troy Hunt, Andie, Feb Dehashed

Have I Been S0ld? No, trusted security website HIBP off the table, will remain independent

Owner Troy Hunt staying in the saddle after potential deal falls through The popular security website Have I Been Pwned (HIBP) will remain independent – despite owner Troy Hunt's decision last year to put the business up for sale.…
Tags: Software, Troy Hunt

'Have I Been Pwned' Is No Longer For Sale

Troy Hunt, the owner and founder of the well-known and respected data breach notification website "Have I Been Pwned," announced in a blog post today that his website is no longer being sold and will continue running independently. The news comes several months after Hunt announced he was actively looking for a buyer. Last June, Hunt wrote: "To date, every line of code, every configuration and every breached record has been handled by me alone. There is no 'HIBP team,' there's one guy keeping ...
Tags: Tech, Hunt, Troy Hunt, Last June Hunt

Password Data For About 2.2 Million Users of Currency, Gaming Sites Dumped Online

Password data and other personal information belonging to as many as 2.2 million users of two websites -- one a cryptocurrency wallet service and the other a gaming bot provider -- have been posted online, according to Troy Hunt, the security researcher behind the Have I Been Pwned breach notification service. Ars Technica reports: One haul includes personal information for as many as 1.4 million accounts from the GateHub cryptocurrency wallet service. The other contains data for about 800,000 a...
Tags: Tech, Ars Technica, Hunt, Troy Hunt

Password Data For About 2.2 Million Users of Currency, Gaming Sites Dumped Online (slashdot)

Password data and other personal information belonging to as many as 2.2 million users of two websites -- one a cryptocurrency wallet service and the other a gaming bot provider -- have been posted online, according to Troy Hunt, the security researcher behind the Have I Been Pwned breach notification service. Ars Technica reports: One haul includes personal information for as many as 1.4 million accounts from the GateHub cryptocurrency wallet service. The other contains data for about 800,000 a...
Tags: News, Ars Technica, Hunt, Troy Hunt, BeauHD

Daily News Roundup: Your Passwords Are Probably Trash

Recently, the UK’s National Cyber Security Center paired up with Have I Been Pwned?’s Troy Hunt to conduct a survey that analyzed passwords of accounts that had been breached. Turns out that most users (still) suck at using strong passwords. The top passwords found in the study? “123456,” followed by “123456789.” Other brilliant things, like “qwerty,” “password,” and “111111” rounded out the top five spots, with “123345678,” “abc123,” and “password1” all finding spots in the top 10. People’s na...
Tags: Apple, Google, Crafts, Facebook, UK, China, Samsung, Netflix, Austria, Reuters, American Medical Association, Engadget, Troy Hunt, Android Police, JC Penny, Gamespot

The UK’s latest list of most hacked passwords is as bad as you’d think

Names, soccer players, musicians and fictional characters make up some of the worst passwords of the year, according to the U.K. government’s National Cyber Security Center. But nothing beats “123456” as the worst password of all. It’s no shock to any seasoned security pro. For years, the six-digit password has been donned the worst password of all, given its wide usage. Trailing behind the worst password is — surprise, surprise — “123456789”. The NCSC said more than 30 million victims use those...
Tags: Security, Identity Management, Tech, United Kingdom, Password, Password Manager, Smart Devices, Computer Security, Troy Hunt

Your kid's "smart watch" lets anyone in the world trace their location. Again.

Back in 2017, the Norwegian Consumer Council published a damning report on the privacy leaks from kids' "smart watches," a parade of horrors that included allowing unauthorized third parties to trace your kid's location, and also to covertly eavesdrop through the watches' microphones and bark creepy orders at them through their speakers. A year later, Pen Test Partners audited the security of the popular Misafe kid smart-watch and guess what? It was a fucking dumpster-fire, too. Six months ...
Tags: Security, Video, News, Privacy, Australia, Smart Watches, Hunt, Troy Hunt, Gator, Pen Test Partners, Consumer Council, Dumpster Fires, Stykas, Prisoner Ankle Cuffs, Tictoctrack, Ticktoctrack

TicTocTrack Smartwatch Flaws Can Be Abused To Track Kids

secwatcher shares a report from Threatpost: A popular smartwatch that allows parents to track their children's whereabouts, TicTocTrack, has been discovered to be riddled with security issues that could allow hackers to track and call children. Researchers at Pen Test Partners revealed vulnerabilities in the watch (sold in Australia) on Monday, which could enable hackers to track children's location, spoof the child's location or view personal data on the victims' accounts. The parent company of...
Tags: Australia, Tech, Hunt, Troy Hunt, Threatpost, TicTocTrack watch iStaySafe Pty Ltd

Facebook is asking some new users for their email passwords and appears to be harvesting their contacts without consent (FB)

Facebook is asking some new users to provide the password to their email account. The move has alarmed security experts, who warn it could encourage users to engage in "risky" behaviour and increase their chances of being hacked. The social network also appears to be accessing these users' contacts without asking for permission. The company now says it is discontinuing this login tool, though it didn't give a timeframe.  Facebook asks some new users to provide the social network with the pass...
Tags: Google, Facebook, Mark Zuckerberg, Trends, Signal, Yandex, Electronic Frontier Foundation, Troy Hunt, Cyphers, Bennett Cyphers

We found a massive spam operation — and sunk its server

For ten days in March, millions were caught in the same massive spam campaign. Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personalized emails to the recipient of that sent email with a link to a fake site pushing a weight loss pill or a bitcoin scam. The emails were so convincing more than 100,000 people clicked through. We know th...
Tags: Security, Email, Tech, Pgp, Bbc, Cnn, Computing, Cell Phones, Belgium, Signal, World Wide Web, Spamming, Cyberspace, Online Advertising, Elasticsearch, Troy Hunt

Facebook left millions of passwords readable, in plain text, by employees

By Barbara Ortutay and Frank Bajak, The Associated Press Facebook left millions of user passwords readable by its employees for years, the company said Thursday, an acknowledgment it offered after a security researcher posted about the issue online. By storing passwords in readable plain text, Facebook violated fundamental computer-security practices. Those call for organizations and websites to save passwords in a scrambled form that makes it almost impossible to recover the original text. “The...
Tags: Facebook, Mark Zuckerberg, Instagram, Sport, Soccer, Brian Krebs, Facebook Lite, Troy Hunt, KrebsOnSecurity, BARBARA ORTUTAY, Jake Williams, Rendition InfoSec, FRANK BAJAK, Andrei Barysevich, Barysevich, Associated Press Facebook

Over 800 Million Emails Leaked Online By Email Verification Service

Security researchers Bob Diachenko and Vinny Troia discovered an unprotected MongoDB database containing 150GB of detailed, plaintext marketing data -- including hundreds of millions of unique email addresses. An anonymous Slashdot reader shares Diachenko's findings, which were made public today: On February 25th, 2019, I discovered a non-password protected 150GB-sized MongoDB instance. This is perhaps the biggest and most comprehensive email database I have ever reported. Upon verification I wa...
Tags: Tech, Troy Hunt, Mongo, Vinny Troia, Bob Diachenko, Diachenko, Email Verification Service

Why 'ji32k7au4a83' is a Remarkably Common Password

A seemingly complex set of characters like "ji32k7au4a83" is a very common password among users, it turns out. From a report: This interesting bit of trivia comes from self-described hardware/software engineer Robert Ou, who recently asked his Twitter followers if they could explain why this seemingly random string of numbers has been seen by Have I Been Pwned (HIBP) over a hundred times. Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out i...
Tags: Tech, Troy Hunt, HIBP, Robert Ou