News about big hacks and the publication of user databases have slowed down considerably in past months. Before that reports of hacks were nearly daily in the news with companies like Sony, Gawker or Ashampoo the target. Many user databases that the hackers dumped during the hack were published on the Internet afterwards. Not all listed unencrypted passwords but some did and even though companies did ask users to change – all of their – online account passwords, it is likely that some users may have missed those announcements completely.
The free online service HackNotifier is more or less a frontend that users can use to search for email addresses that were leaked in hacking attempts. You basically enter your email address – or the email address of someone else into the form on the main page to see if it was listed in one of the hacked user databases.
You then get to review your status on the next page. The service lets you know immediately if your account is insecure and if it has been compromised.
HackNotifier lists the company that was compromised and the day it happened. A link points to third party websites that offer additional information about the hack. It then asks you to change your account passwords if you have not already done so.
Users can sign up for the company’s service to receive notifications when their email account gets hacked again. This obviously is only effective if the hackers publish the user database on the Internet. The service at the time of writing has information about 20 leaks and almost 1.5 million accounts in their database.
HackNotifier assures that they do not save email addresses that users enter on their front page to check whether the account has been compromised.
Probably the biggest issue is that most hackers do not dump user databases publicly. It can still be frightening to see your email address listed as compromised on the results page.
You can check out HackNotifier here. A similar service is Should I Change My Password.
Related Articles:
Password Recovery Questions Make Online Accounts VulnerableCheck the amount of user accounts on your system
What To Do When Your Email Account is Compromised
Check Multiple Gmail Accounts With Gmail Notifier
RSA Admits That SecureID Tokens Were Compromised
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.
HI,
This could be a follow-up of the article about the hacked Paypal accounts…
Nice service, though it will only scan against the databases they have in store as you stated.
The Databases contents are corporate only data or they also hold “regular” user details (thinking of the paypal user accounts).
Without the help of the big players (hotmail, yahoo, paypal…), chances that non savvy people will know and take benefit of such a service is very limited. That is if the used databases encompass private data as well.
I wonder if the mere act of searching for an email address might be enough to make that email address a target?
So, the site keeps e-mail address for future use ?
No, it does not keep it unless you sign up for a paid membership. Then they use the email to check against their database regularly.