Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Aussie security researcher Troy Hunt updates web tool for tracking data breaches, with a heap of new features.
Australian security researcher Troy Hunt has announced the official launch of his data breach tracking website, Have I Been Pwned 2.0.
The new version of the site was soft-launched in March, but Hunt and his team have continued to work on it and add a raft of new features.
“Over the course of this time, we’ve completely rebuilt the website, changed the functionality of pretty much every web page, added a heap of new features, and today, we’re even launching a merch store,” Hunt said in a 20 May update on his personal website.
For those who don’t know, Have I Been Pwned is a useful site for everyone, from journalists and researchers to any individual curious to know if their personal information, specifically their email, has been caught up in either a data breach or a combo-list circulating on hacking forums. For instance, the personal email of this author appears in an impressive – and somewhat alarming – 21 data breaches since 2014.
And for those who aren’t familiar with the term “pwned”, it’s gaming speak for being particularly badly beaten in a video game. The intended spelling is “owned”, but the proximity of the “p” and “o” keys led to the misspelling becoming common parlance. Gamers are weird.
Regardless, it’s a tool that everyone should be familiar with, and by signing up to the site, you can even receive alerts whenever your email is discovered in a breach or leak.
The site’s new features include a more ordered results page, with data breaches now listed on a scrollable timeline complete with a summary of each breach, which links through to a more detailed page on each incident. These pages include details of the data compromised alongside each email, and recommendations for what to do, such as changing your password or enabling two-factor authentication.
“Now that we’re live, we’ll also work on fleshing this page out with more breach and user-specific data,” Hunt said.
“For example, if the service supports 2FA, then we’ll call that out specifically rather than rely on the generic advice above. Same with passkeys, and we’ll add a section for that. A recent discussion with the NCSC while we were in the UK was around adding localised data breach guidance, for example, showing folks from the UK the NCSC logo and a link to their resource on the topic (which recommends checking HIBP).”
Subscribers also get access to a unified dashboard that covers domain searches, subscription management, and stealer logs, with more features in the pipeline, according to Hunt.
And yes, Cyber Daily will definitely be buying something from the merch store. We certainly use the site enough.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
