The official page of “Have I Been pwned” (https://haveibeenpwned.com/Passwords) is showing anomaly behavior for checking breached password. For the same password being used, it returns different results. Sometimes it shows that the password has been breached and when I try it again with the same password, it shows the password has not been breached. I tried this with the password “Password1.”.

Also, its API (Searching by range, which I have used with my java project) does not signify that the password "P@ssw0rd123" was breached, but its website https://haveibeenpwned.com/Passwords shows that this password was breached.

Could you please make sure if this is as expected?

Dear Alumni & Friends,

Report of a Data Security Incident

I am writing to notify you of a data security incident that has affected one of the University’s third party service providers, Blackbaud, which provides cloud computing software used for processing some of your personal data.

We recognise that this is unsettling news and we sincerely apologise that this has happened, but rest assured that Blackbaud have taken steps to mitigate this incident and any risks to your information. The University is following up with internal investigations and remedial actions of its own. However, we advise that you be vigilant to potential phishing communications and requests to provide information.

Blackbaud has been a respected provider of Education and Third Sector relationship management systems for more than two decades and is engaged by institutions globally. We understand that in May this year Blackbaud discovered the incident and took measures to deal with it. In response to the attack a detailed forensic investigation was undertaken, on behalf of Blackbaud, by law enforcement and contracted external cyber security consultants. Blackbaud has reported that the data taken by the attacker, which included your details, was subsequently confirmed as deleted by the attacker as part of Blackbaud’s negotiations. They also have measures in place to continue to scan for any suspicious activity which may follow on from this event and verify the quality of strengthened security systems now in place to prevent future attacks.

The Blackbaud platform which was impacted is used by Edinburgh Napier University to communicate by email with Alumni and Friends. Your data that was affected includes name, email address, update details, gift history and attendance at university events.

Blackbaud confirmed in its statement to Edinburgh Napier University that no credit card information or bank account details were accessed.

Edinburgh Napier University’s priority remains the relationship with the members of our Alumni and Friends community, and the protection of their information. As soon as we were notified, we reported the breach to the Information Commissioner’s Office (ICO) and began to seek details from Blackbaud to identify if your data record was included in the incident. We continue to investigate, but we felt it was important to be transparent with you as to what happened. Given Blackbaud’s assurances, we have every reason to believe that the risk to your data is low and we have no reason to believe that individual data records were targeted. We are therefore advising you of what happened as a precautionary measure.

We deeply regret any worry and inconvenience that this data breach by Blackbaud may have caused you and hope that the mitigating actions Blackbaud reports provide reassurance. However, it is still advised that you remain vigilant for any unusual communications or requests you may receive. Information about Phishing, protecting yourself and reporting unusual activity can be found here: https://www.gov.uk/report-suspicious-emails-websites-phishing.

We take data protection very seriously and we are grateful for your understanding, continued support and engagement.

If you wish to discuss this further or require more information, please contact me at alumni@napier.ac.uk. We will also publish updates on our website if we become aware of further important information here : https://napier.ac.uk/alumni/alumni-news/latest-news/Blackbaud-data-security-incident.

It would be better if u also added the info about which site leaked our data, no need to give passwords...
It would encourage us to let our friends know about it if they used the same website and create a lot more interest and awareness all around.
I know this data(which site leaked it) might be hard to get and might be rarely available .You might know only few of thosee.But still ,a start in this direction might be lovely and show to other people that u dont know where the leak came from...they might help u provide the missing part if they remember the only site they used that credentials to...
OR you could add the list number, a number that would let people know which chunk was hacked from these...
we would also know how many lists have u gone through and can even appreciate your hard work...😅
This might be a great move...
my english is too bad, I know and really really sory for that but please do respond...

I have a friend who is being absolutely terrorized by a computer savvy guy who is backhandedly threatening her life, posting her real name on adult websites, hacking her voicemails, opening accounts with her information and we believe he has now shared her info on some dark web place allowing other hackers access to her information. We have made police reports and even contacted the FBI cyber crimes unit. But this guy is using VPN’s and change your number apps. He calls and harasses her constantly, for over 4 months now this has been going on. I heard about this site on 104.1 radio station in Florida. I am looking for a hero. This is a problem in the world now and there doesn’t seem to be a group that helps these victims. We need a Cyber Justice League.

My data was in the 500px breach. Every time I check for breaches against my email address on HIBP, this comes up. I use random passwords so I am not concerned about the leak, but I do make sure to change passwords once I am notified of a leak. Once the list of breaches becomes long enough, I may not remember whether I have dealt with a specific issue reported. It would be good to have a mode where I can log in and check the issues that I have dealt with, so the next time I login and check I can see just the new breaches to deal with.

It is possible for the user to handle that entirely on their end by checking the last time the pwd was changed in the password manager, but it can be tedious when the list is long...