How to find out if your personal info has been leaked in a security breach

Summary:If you want to find out if your email address was stolen in a hacker breach, try out this tool.

When I was an undergraduate in engineering school, I worked on side projects. They weren't exactly intended for the public good.

Kids, don't try this at home

One project involved building a long-range beam laser that we could shine down from the dorms and freak out the drunks stumbling home from frat parties. Another was perfecting a multi-stage bottle rocket we could launch from a stealthy launch platform in our dorm window, which would fly halfway across the quad before igniting the second stage and then strafing the campus security guards as they did their rounds.

The world was a different place in the late 1970s. Those stunts would have landed me and my fellow engineering students in an ocean of hot water, had they been attempted in this post-9/11 era. Back then, it was just lolz all around.

Granted the projects I did for degree requirements were academically sound (I did graduate with honors, after all). But the side projects, well, socially redeeming wasn't exactly a concept I was able to fully integrate into my psyche until well after I graduated.

His mother should be very proud

And then there's Julian Pulgarin. Julian was an intern at Facebook and is currently a candidate for Bachelor of Software Engineering at the University of Waterloo in Ontario, Canada.

Julian decided, what with all the lists of personal information being released to the public by the likes of Anonymous, Wikileaks, AntiSec, and LulzSec, individuals might be worried that their information might now be out "in the wild."

So Julian's been curating the released data. He's built a database containing all the email addresses (over 1.4 million addresses, including the Booz Allen Hamiliton breach).

See also: Military Meltdown Monday: 90,000 military email profiles released by AntiSec

All you have to do is go over to Enter your email address (which he promises me he's not capturing), and the site will tell you if your email address is in any publicly available leaked database.

Now, Julian's not all altruism and spice and everything nice. He's got a neat, little profit engine built into his database, which is the "notifier" portion of the site. For $9.99 a year, you can register with HackNotifier and if any new breaches do have your information, he'll let you know.

The necessary cautionary words

Obviously, all I have is Julian's word that he's not capturing email addresses for future nefarious purposes, but in my conversations with him, he seems like a good kid. He's built a useful service and, if he's lucky, he might also make a few bucks off it.

Me? Well, I probably shouldn't say any more about what I was up to when I was his age, but it sure as heck wasn't public service.

Topics: Collaboration, Security


In addition to hosting the ZDNet Government and ZDNet DIY-IT blogs, CBS Interactive's Distinguished Lecturer David Gewirtz is an author, U.S. policy advisor and computer scientist. He is featured in The History Channel special The President's Book of Secrets, is one of America's foremost cyber-security experts, and is a top expert on savi... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.