I hate spam and I go through great lengths to minimize it. Internet security is also interesting to me, and I think most people just don’t know not follow good security practices, and aren’t aware of just how awful things are, as in, how inept websites are at securing your data.
Data breaches are rampant and many people don’t appreciate the scale or frequency with which they occur.
Security researcher Troy Hunt maintains ‘;–have i been owned?, an excellent website that aggregates data from lots of known breaches and makes it easy for you to find your information on said breaches. Of course this aggregate data is only the tip of the iceberg, as most breaches are not known or he has no way to get to the data. In any case, it’s interesting to go see who has your email.
I ran this tool on the domain I use for the majority of my emails to see which ones are there. Remember I use a different email address and a different password for each and every website I sign up for. Results weren’t all that bad. Out of 723 email addresses, “only” 4 were found in the database of pwned websites. The winners are:
- Adobe (mine and my brother’s)
Compromised data: Email addresses, Password hints, Passwords, Usernames - Boxee
Compromised data: Dates of birth, Email addresses, Geographic location, Historical passwords, Instant messenger identities, IP addresses, Passwords, Private messages, User website URLs, Usernames - Gawker
Compromised data: Email addresses, Passwords, Usernames
This is quite horrific.
Run your email through their search and post to the comments to see if it was found on any compromised websites. It will be interesting to hear.