Monday, October 22, 2012

Security: PwnedList: Find Out If Your Accounts Could Have Been Comprimised

There is a site called PwnedList that can check if your email address is contained in public data that has been taken from computers and web sites that have been compromised by hackers.  The site started out as a research project to find out how many compromised accounts could be harvested programatically in just a couple of hours.

To use the site all you have to do is put in your email address and it will check it against its database.  If it finds a match in the database it will let you know.

First I need to say I am not a legal expert, so you will have make your own decisions on what is best for you. If I found there are any results returned from this site, here is some basic few things that I would do to protect myself.

The first thing you should do is change the passwords on the compromised accounts.  The next thing you should is consider your options depending on what information was stolen.  If this was site that could have impact an on you (financial, personal, etc.), contact the company and let them know you found your account was compromised, and ask them if they have any advice.  If the site could have contain any financial or personal data make sure to check and monitor your credit report.

Now for an important question is how do you know that this site is legitimate.  If you're not asking that question, then you should.  Generally before I ever even try a site like this, I will do a search to see what others say about it.  For example, here is a general search, and here is a news search.

No comments: