I don’t understand how to find out which specific sites had my data leaked. Without that I can’t take any action.
I’m subscribed to email alerts but the alert did not include any details like the article said it would.
Thanks, I finally found it. I was already subscribed and verified, but still couldn’t find this anywhere. To get to it I had to:
Signup again from the HIBP website
Get the verification email telling me I was already verified
Click through it
Scroll to the VERY bottom of the page and find the stealer logs.
My natural question is of course how my credentials were stolen logging into gmail.com (yay 2-factor), but at least know I know that’s where I need to change my password.
I should note that the initial notice email about the breach that I received from HIBP for already being verified appears to not have any direct way to actually get this information.
Rent a domain
Set up email
Use a unique address for every website
I usually pick the domain of the website as the username part.
So if, say, I have email set up on lemmy.cafe and want to sign up to flatearth.com - I’d probably use flatearth.com@lemmy.cafe for an email address. If they ever leak it - I’ll be reveiving spam sent to this address.
In the six years of hosting my own email I’ve only had one such occurence when namecheap got breached. It was nice being able to tell where the culprit was!
I don’t understand how to find out which specific sites had my data leaked. Without that I can’t take any action. I’m subscribed to email alerts but the alert did not include any details like the article said it would.
Use the ‘Notify me’ option and verify your email address, and then it will show the expanded list of domains that were exposed from the malware:
Thanks, I finally found it. I was already subscribed and verified, but still couldn’t find this anywhere. To get to it I had to:
My natural question is of course how my credentials were stolen logging into gmail.com (yay 2-factor), but at least know I know that’s where I need to change my password.
I should note that the initial notice email about the breach that I received from HIBP for already being verified appears to not have any direct way to actually get this information.
Rent a domain Set up email Use a unique address for every website
I usually pick the domain of the website as the username part.
So if, say, I have email set up on lemmy.cafe and want to sign up to flatearth.com - I’d probably use flatearth.com@lemmy.cafe for an email address. If they ever leak it - I’ll be reveiving spam sent to this address.
In the six years of hosting my own email I’ve only had one such occurence when namecheap got breached. It was nice being able to tell where the culprit was!