Collaborate Disseminate
Back in 2016, I wrote a blog post about the Martin Lewis Money show featuring HIBP and how it drove an unprecedented spike of traffic to the service, ultimately knocking it offline for a brief period of time. They’d given me a heads up as apparently, that’s what the program
Continue reading Handling Huge Traffic Spikes with Azure Functions and Cloudflare
I don’t know exactly why the recent uptick, but lately I’ve had a bunch of people ask me if I’ve tried the Brave web browser. Why they’d ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers. It also has some cool built-in
Continue reading Donating BAT to Have I Been Pwned with Brave Browser
In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I’m very happy to welcome the first country onto Have I Been Pwned for 2020 – Denmark! The Danish Centre for Cyber Security (CFCS) joins the existing 7 governments
Continue reading Welcoming the Danish Government to Have I Been Pwned
I have used this site haveibeenpwned.com/OptOut to opt out of being publicly seachable. Is there any way to undo this? Using services such as LastPass that automatically scans for breaches does not work because of this.
The r… Continue reading Opting-out from being publicly searchable [closed]
When is data “public”? And what does “public” even mean? Does it mean it’s merely visible to the public? Or does it mean the public can do anything they like with it? This discussion comes up time and time again as it did with the huge leak of PDL data
Continue reading When Is Data “Public”? (And 2.5M Public Factual Records in HIBP)
I recently had the pleasure of spending a few days in Switzerland, firstly in Geneva visiting (and speaking at) CERN followed by a visit to the nation’s capital, Bern. There I spent some time with a delegation of the National Cybersecurity Centre discussing the challenges they face and where HIBP
Continue reading Welcoming the Swiss Government to Have I Been Pwned
That’s a question that I always tried to answer to myself without success many times. The service haveibeenpnwed.com is able to search in billion of compromised account at a very impressive speed(Just a few milliseconds). Ins… Continue reading How can haveIbeenPwned be so fast in searching?
Until this month, I’d never heard of People Data Labs (PDL). I’d certainly heard of the sector they operate in – “Data Enrichment” – but I’d never heard of the company itself. I’ve become more familiar with this sector over recent years due to the frequency with which it’s been
Continue reading Data Enrichment, People Data Labs and Another 622M Email Addresses
The passwords of more than 2.2 million users of a gaming and cryptocurrency website were dumped online after dual data breaches. Continue reading Hackers Dump 2.2M Gaming, Cryptocurrency Passwords Online
Over the last couple of years, I’ve been increasingly providing governments with better access to their departments’ data exposed in breaches by giving them free and unfettered API access to their domains. As I’ve been travelling around the world this year, I’ve been carving out time to spend with governments