I suggest you ...

Include email addresses (or some info) for domain notifications

If you're doing a domain notification (notifying of any info for your domain that becomes compromised), you'd like to relay concerns to your users when those alerts come up. Right now, we're just getting a number of accounts, rather than the actual specifics. Even listing email addresses would help.

1 vote
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Art shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • AdminTroy Hunt (Admin, Have I been pwned?) commented  ·   ·  Flag as inappropriate

        The reason email addresses are not included in the notification is that email isn't considered a secure channel and the information can be sensitive. For example, I wouldn't want to see membership of a site like Ashley Madison communicated insecurely.

        Every domain notification email has a link to run another domain search which will allow you to see everyone involved in the incident.

      Feedback and Knowledge Base