Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The problem is that you often can’t find access to the actual “password” used in the breach. Does anyone know where I can see if it was an actual password or just some made up thing?


I was suggesting something different. Specifically open an account on every service as a tracking canary, say with the same email to help them tie them all together. But on each one, vary something slightly like phone. Then years later, when looking at a leaked aggregator entry, all the phones on the record should tell you all the places they bought/stole data from.


There was no password on the original ES instance it was open to the web.


I meant my password.


There’s a torrent going around


Do you know where I can find a torrent for this leak?


I don't think it's wise to add a magnet link here.

But as I recall looking for Breach Compilation may help finding the requisite gist on GitHub.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: