The Have I Been Pwned website lets Internet users check if their personal data has been compromised by data breaches. It collects and analyzes many database dumps and pastes having information about billions of leaked accounts and lets users search for their own information by entering the username and email address. You can also sign up to received notifications if the email address appears in future dumps. Have I Been Pwned has been recognized as a valuable resource for Internet users who wish to protect their own security and privacy.
The service was made by security expert Troy Hunt on 4th December 2013. Since June 2019, the service has an average daily visitors of around one hundred and sixty thousand and it has around three million active email subscribers and has records of almost eight billion accounts.
The name of the service is based on scrip kiddie jargon term ‘pwn’ and it means to compromise or take control mainly of another computer or application. The logo of the service has a text ‘;– and it is a common SQL injection attack string. A hacker who tries to take control of a website’s database might use this type of attack string for manipulating a website into running malicious code.
The service has various useful features and it is also a legit service. I have a good explanation for this. Normally, a company database gets hacked by hackers and account details like username and password are extracted from it. When this is done, your account is sold on the dark web at a cheap price. There are various sites available on the dark web that sells these accounts. Have I Been Pwned acts as a customer in all the account selling sites and searches for the username. If the account is present, it will tell you how many sites it is present.
The service checks on well-known sites and not on all that are present on the dark web. 95% of hackers use these sites to sell accounts, If the service says that you have been hacked, it is not important that they have your present password. It might be your old password since the account sellers don’t check and remove accounts if you change your password. It is a reason why you need to change your password regularly.
Overall, I can say that Have I Been Pwned is genuinely concerned about your safety and ensures to alert you in case if you are hacked. So, I will strongly recommend you to use this service and yes, there is enough evidence to prove that the service is legit.
