Skip to content

General

101 results found

  1. user submission of phish mails that charge bitcoin ransom by putting old password in subject

    i got yet another mail with the same template of putting one of my previously used passwords that have been potentially obtained from one or more breaches.
    there has to be a secure process that hibp can build for users if they can responsibly reset all the site logins where that password is used and maybe make hibp aware that there are breaches from where these credentials are obtained and perhaps get a way to be alerted to. user may take a decision if they want to continue with the service that was breached, regardless of changing the password.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Add MostRecentDate to Domain Search results

    When viewing Domain Search results, it would be helpful to have column containing the date of their most recent appearance in a breach data set. This would help prioritize password changes if the search results are larger.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Table view for breach list

    It would be nice to have an option to show the list of breaches for a particular e-mail address in table form with 1 row per breach and 1 column per piece of information involved (username, e-mail, name, dob, socio-economic, ssn, etc.) with maybe a score for how egregious the underlying issue was (plaintext/unsalted md5, etc.) and/or how sophisticated the attack was.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. https://gitlab.com/ronaldoats/combos.vip-live.com

    List of users and passwords 2,436,867 accounts

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Options to Recover Hacked accounts

    Ive been hacked on 3 personal computers, 1 Verizon phone and 2 burner phones almost immediately after activating them. It all happened at the same time. Then the burners 2 days in a row.
    WTF is the point? Even my truck is hacked? Who hacks new phones so obviously with 0 information?
    They hacked a 4th computer which is a corporate laptop for I'm a Fortune 500 company. "They got a little cocky with that one." Is anything available to recover several email accounts, photo galleries, apps, ect. That use the same email address?
    They grouped photos and videos of…

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Free Developer Access to Paid API

    I suggest dev access.
    Either by access to fake data, or by minimum access, some results based on a rank.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Update Zygna.com data breach information

    I've just been informed that the Zygna.com data breach included my phone number. Which, makes sense, since it is usually installed on mobile devices. You don't list phone numbers are part of the data breach.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Provide localised language versions

    IMO, HIBP is so useful that every single person in the world should have it bookmarked and all companies should monitor their domains accounts using it. Some users in our company use their business email address to create accounts in several websites, and thanks to HIBP our IT team is warned when one of them is pwned.
    We thought it would be a great idea to tell everyone about HIBP so they could verify and monitor their own personal accounts, so we did it by sending an email telling about HIBP to everyone in the company. Everyone was able to…

    17 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Microsoft flow integration for a domain

    An integration with Microsoft flows for a domain would be excellent. Something that would query the tenant for live or past emails in a domain and automatically notify the users about the breach.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. allow the pwnd password query to show the sites/breaches the password was included in?

    I have a relatively unusual password that I used to use widely. However, I stopped doing that years ago. It currently shows up in 6 breaches. I would love to know which sites still have it so that I can check/resurrect those accounts.

    70 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Offer an option to inform where you have been compromised

    offer an option to inform where you have been compromised - Chemist Direct login and password details exposed via email. These were correct.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Include an Industry field for every breach

    The API for searching a breach should include what industry the breach is from, like Web, Government, Insurance, Financial, etc,.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. 19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. 7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Alert for physical address

    Now Slickwraps has your address, notify the person.

    (but how, how do you verify if a person owns the address? email and address in a past leak? (also could be abused))

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Request a company to be investigated for a breach

    Although this was downvoted, I suspect some companies are not reporting their breaches or they do not know about them.

    My most recent was EpicGames, which Have I been Pwnd (Password page) says my password has not been pwned. But it was pwned, and was used to access my Gmail, EpicGames and other sites.

    I'm not sure what can be done - I think people like me can help collaborate in a way that can lead to discovering unreported breaches and whistle blow those companies to notify their users of breaches.

    Why do I have to become a hacker to…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Mark Wii U ISO as a sensitive breach

    Wii U ISO is a site that hosts illegal downloads of pirated video games. This include Roms & ISOs for Nintendo Switch, Wii U, and 3DS. The ability to upload or download games is only available for registered users.

    Because having an account could link users to illegal software piracy, I would like to propose adding it to the list of sensitive breaches.

    (Arguably, emuparadise should be marked as sensitive, as they previously distributed illegal ROMs)

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Sort pwned sites by date

    HI Can you sort pwned sites by date rather than alphanumeric - most recent discoveries first?

    54 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Send enrollment email upon valid domain verification

    I successfully enrolled in domain search, but never got a confirmation message. Now when I forget whether or not I've enrolled my domain in a year (as will surely happen), I have no way of knowing if I'm just repeating efforts.

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

General

Categories

Feedback and Knowledge Base