Ever wonder if private information about you has been made publicly available on the Internet? You could search the Internet underground to discover if someone is distributing information about you, but such a search would require knowledge of where to look that most of us do not have.
Now there is help out there. Alen Puzic and fellow security researchers have established a website that anyone can use to discover if their e-mail address is among breached records available on the Internet. You enter your e-mail address or user name and the site tells you whether your address is among those in its database.
So you may wonder where the compromised information is found. Puzic initially amassed about five million breached records containing about three and a half million e-mail addresses and one and a half million user names that had been published by online attackers or otherwise inadvertently exposed. Puzic uses internet crawling spiders to index underground hacking forums, account dumps from hacking groups, Pastebin, as well as accessible releases of public information, e-mail services, social media sites, merchants, and even financial institutions. The site is updated every 24 hours, and a current count of the number of entries is displayed on the first page of the web site. The site claims that none of the information associated with each e-mail address is retained, only the address itself . In addition, no queries of the web site are stored, but if you are concerned, a securely hashed input (using a publicly available hashing algorithm) is provided to search the site.
–Laurence Weinberger, Esq.