Have you been hacked? Two ways to find out
Hacking isn’t slowing. Here are two tools that can let you know if you’ve been surreptitiously hacked.
It doesn’t stop. Around 28,000 accounts from the fan-site forum ThisHabbo and details on 40,000 users of the Swedish forum Flashback were made public recently, according to website Have I Been Pwned? ThisHabbo is a radio-oriented site, and Flashback, from a books and magazines publisher, is supposedly the largest forum in Sweden. Forum data breaches might have you wondering – just how does one go about finding out if their account or email address is among those that have been leaked?
Am I on the list?
Obvious website defacing by hactivists can be relatively easy to spot—your website changes, or files get deleted. Banking hacks are also pretty easy—unauthorized charges start sucking your bank account dryer than it was before. Other, more surreptitious hacks might not be so obvious. Two resources are available that can help.
Have I Been Pwned?
Troy Hunt, an author of web security courses for Pluralsight, built the website Have I Been Pwned? It’s a compendium of data breaches. To use it, you simply enter your email address or account name in a text search box and the site lets you know if it’s been pwned or pasted.
You may be unfamiliar with the definitions used. The word „pwned“ derives from video-game culture, and refers to someone who’s been beaten. Urban Dictionary thinks it’s a corruption of the work „owned.“ Pwned accounts are email addresses and user accounts that have been breached—a hacker illegally obtains the data from a vulnerable system.
Pasted accounts, on the other hand, are the pwned accounts that have been pasted to a public website. Have I Been Pwned? uses the example site Pastebin in its documentation. Pastebin lets users share information publicly, but anonymously. Hunt has 175 million compromised pwned accounts in his database, including one of mine, actually.