HaveIBeenPwned.com – WindowsTechs.com

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Posted on March 22, 2024 by BrianKrebs

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years. Continue reading Mozilla Drops Onerep After CEO Admits to Running People-Search Networks→

The Security Pros and Cons of Using Email Aliases

Posted on August 10, 2022 by BrianKrebs

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website. Continue reading The Security Pros and Cons of Using Email Aliases→

Are You One of the 533M People Who Got Facebooked?

Posted on April 6, 2021 by BrianKrebs

Ne’er-do-wells leaked personal data — including phone numbers — for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out. Continue reading Are You One of the 533M People Who Got Facebooked?→

Theory: ‘Simple Hack’ Behind Bezos’ Alleged Compromising Images

Posted on February 8, 2019 by Tom Spring

Researchers theorize how Bezos’ very personal pictures may have been allegedly hacked. Continue reading Theory: ‘Simple Hack’ Behind Bezos’ Alleged Compromising Images→

773M Password ‘Megabreach’ is Years Old

Posted on January 17, 2019 by BrianKrebs

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old. Continue reading 773M Password ‘Megabreach’ is Years Old→

A Breach, or Just a Forced Password Reset?

Posted on December 4, 2018 by BrianKrebs

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward. Continue reading A Breach, or Just a Forced Password Reset?→

Under Armour Reports Massive Breach of 150 Million MyFitnessPal Accounts

Posted on March 30, 2018 by Tom Spring

Under Armour is getting kudos for disclosing breach within weeks, but concerns remain over an unknown portion of credentials reportedly stored using the weak SHA-1 hashing function. Continue reading Under Armour Reports Massive Breach of 150 Million MyFitnessPal Accounts→

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

Posted on January 15, 2018 by BrianKrebs

Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com. Continue reading Canadian Police Charge Operator of Hacked Password Service Leakedsource.com→

Leaky RootsWeb Server Exposes Some Ancestry.com User Data

Posted on December 27, 2017 by Tom Spring

Ancestry.com closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet. Continue reading Leaky RootsWeb Server Exposes Some Ancestry.com User Data→

Hacked Password Service Leakbase Goes Dark

Posted on December 4, 2017 by BrianKrebs

Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the Hansa dark web market earlier this year. Continue reading Hacked Password Service Leakbase Goes Dark→