Have I Been Pwned?

The lack of awareness we have about our digital identities got our attention and it has always been of great interest to us here in Wh0s.

Since the popularization of internet we all exist in some way in it, and it is becoming difficult for many of us to know how many accounts we have, in fact, how many of us are able to know how many social networks, forums or websites we have registered on? What if we talk about applications? How many applications have you downloaded where you have to enter personal information such as your name, surname or email? Although it may seem unimportant, when we do a registration we are creating a digital identity, with which we are providing with some of our data to companies that record them in their databases. What if they lose this information? Maybe nothing or maybe your ID, address, etc. are freely surfing the web. And when something is on the Internet…it will be there forever.

When a case of information loss is given, it is known as pwned. In the hacker jargon, pwn means to compromise or control, specifically another computer (server or PC), web site, gateway device, or application against the owner desire, in these cases, it’s simple:

pwned.jpg

But, how important are these cases? It may sound a bit paranoid, but there have been more cases than we think, some of them even causing very serious information losses, such as PS3 or adobe (links to official news) that mainly because of ignorance they weren’t consider important at all.

As for us, we would like to talk about a web site: https://haveibeenpwned.com/ , where you can check if any of your account has been affected by these cases. (There are some more, but in our opinion this is the most complete one.)

HaveIBeenPwned.png

In @haveibeenpwned you will be able to follow every corrupted database update as they add them to the system. To conclude, we leave you a very curious case for you to check: admin@sony.com and some basic recommendations:

  1. Don’t ever give your real data unless it’s necessary.
  2. Don’t reuse any password, nor use the same identifiable pattern.
  3. Use double safety factors, or systems that add security such as the latch implementation we talked about earlier.

We hope that this post has been of interest to you, and if you know about any curious case like the one in admin@sony.com, don’t hesitate to leave a comment. J

Cheers!

Translated by Ana García Negrillo  (@ANAgarneg)

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.