Blog

Rajib Singha
Check if your Online Account has been Leaked in a Data Breach
July 8, 2016

data breach

A data breach is defined as an incident where private and confidential information is illegally viewed, used or accessed by a malicious entity. In May 2016, passwords of over 100 million LinkedIn users were stolen by hackers in a major data breach.

Similar incidents of data breach have occurred in the past, and there are no signs that can tell that they won’t occur in the future. During a data breach, personal information such as email ID, passwords, date of birth, addresses, credit/debit card numbers, bank accounts, etc., are potentially exposed to hackers. Depending on the leaked data, hackers can:

Commit identity theft – can open fake bank accounts under your name

Hack other accounts – using the leaked password and email ID, they can access your other online accounts

Launch phishing attacks – using personal information such as your name, date of birth, address, etc., they can target you with specially crafted phishing emails and steal more sensitive information

In short, data breaches are bad news. We have come across a site Haveibeenpwned.com where users can check if their online accounts were leaked in any of the data breaches that happened in the past. Using the site is simple. Just enter your online account (email ID or username) and click on pwned? as shown below.

# If your account was compromised in any breach, it will show up like this:

have i been pwned

What should you do?
Change the account’s password. Choose one that is made up of a mix of uppercase, lowercase letters, special characters, and numbers. Something like this InoNothin@343#

# And if your account was not compromised, it will show up like this:

have i been pwned2

What should you do?
You don’t have to worry for now. But still, if you haven’t changed your password for quite some time, consider changing it. Better safe than worry.

So, pay a visit to Haveibeenpwned.com and run a quick check on your online account.

If find this post helpful, share it with your friends and peers.

SHARE THIS STORY

Have something to add to this story? Share it in the comments.

Rajib Singha
About Rajib Singha
Rajib is a Physics graduate and a technology enthusiast. Besides having a keen interest in the latest gadgets, he is also into IT security and all that it...
Articles by Rajib Singha »

6 Comments

Your email address will not be published.

CAPTCHA Image

  1. Hasta GurungJuly 9, 2016 at 1:21 PM

    so far Good

    Reply
  2. Sometime I found my quickheal secure browser not working too.

    Reply
    • And I found one of my old gmail PWNED and no patch.
      what does it mean .

      Reply
      • Rajib Singha Rajib SinghaJuly 14, 2016 at 4:55 PM

        Hi Sanju,

        Please refer to the below FAQ that might help answer you query.

        What is a “paste” and why include it on this site?

        A “paste” is information that has been “pasted” to a publicly facing website designed to share content such as Pastebin. These services are favoured by hackers due to the ease of anonymously sharing information and they’re frequently the first place a breach appears.

        HIBP searches through pastes that are broadcast by the @dumpmon Twitter account and reported as having emails that are a potential indicator of a breach. Finding an email address in a paste does not immediately mean it has been disclosed as the result of a breach. Review the paste and determine if your account has been compromised then take appropriate action such as changing passwords.

        Regards,

        Reply
    • Rajib Singha Rajib SinghaJuly 14, 2016 at 4:56 PM

      Hi Sanju,

      Our support engineers can help. Please visit http://bit.ly/QHChat to chat with us online. You can also raise a ticket at http://bit.ly/Askus and we will get back to you at the earliest.

      Regards,

      Reply
  3. rajendra gurjarJuly 13, 2016 at 11:46 AM

    verey nice

    Reply