Troy Hunt

over 3 years ago · Oslo

Sometimes, life feels like a fairytale. This is now my favourite photo ever ❤️

56

2K

26

80

0

troyhunt retweeted

about 1 hour ago

New breach: Berkadia was targeted by a ShinyHunters "pay or leak" extortion campaign in March. They subsequently published over 300k unique email addresses allegedly taken from the company's Salesforce instance. 76% were already in @haveibeenpwned. More: https://t.co/7eTZlsbnF9

0

5

0

2K

about 4 hours ago

@maxsec @Cyberknow20 @UK_Daniel_Card Confirmed legit 😎 And as for the social media ban not working, it depends how you define “working”. Will always be lots of loopholes, question is whether it has a longer term impact on kids in years to come. There are no immediate magic results.

1

2

0

58

troyhunt retweeted

about 4 hours ago

New breach: Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign in March. Data included 137k unique email addresses along with name, phone number, physical address and support tickets. 76% were already in @haveibeenpwned. More: https://t.co/PvPWJSHqMJ

1

13

7

1

3K

Who to follow

Check if you have an email address or password that has been compromised in a data breach. Created and maintained by @troyhunt.

The Hacker News

@TheHackersNews

The #1 trusted source for cybersecurity news, insights, and analysis — built for defenders and trusted by decision-makers.

Dark Reading

@DarkReading

One of the most widely read and trusted cybersecurity news sites, providing IT security professionals informed insights into the latest news and trends.

3 days ago

Going live with my weekly vid in 10 mins! Back on the IoT Bandwagon: Doorlocks With Unifi Access, Finally Making the AI LPR Work, I Still Hate All Light Switches https://t.co/hc1OKOsDS8

0

2

0

5K

4 days ago

@lnlimbo No. Bottom line was that there are loads of issues we hadn’t initially considered, and now it’s easy to do yourself with agentic AI anyway.

0

1

0

43

5 days ago

Weekly update is up! Have I Been Pwned Passes 1,000 Data Breaches: Join Me for a Commemorative Beer 🍺 https://t.co/TqR6KvAORH

5

18

1

4K

4 days ago

@milkyjoseph Thanks mate, appreciate that 🙂

0

51

4 days ago

@jay_townsend1 @OpenAI @haveibeenpwned @thsottiaux Finally got it sorted, they updated the validation message and I was able to work out where the issue was. All submitted now, but @thsottiaux is welcome to give it a push along too 🙂

troyhunt's tweet photo. @jay_townsend1 @OpenAI @haveibeenpwned @thsottiaux Finally got it sorted, they updated the validation message and I was able to work out where the issue was. All submitted now, but @thsottiaux is welcome to give it a push along too 🙂 https://t.co/9SVnnZ7IVz

0

1

0

109

6 days ago

Have I got any friends at @OpenAI that can help get our app submission for @haveibeenpwned through? After many hours of preparation, we're stuck on an endless loop of "This is a required field" without specifying the field, and they're all complete anyway 🤷‍♂️

troyhunt's tweet photo. Have I got any friends at @OpenAI that can help get our app submission for @haveibeenpwned through? After many hours of preparation, we're stuck on an endless loop of "This is a required field" without specifying the field, and they're all complete anyway 🤷‍♂️ https://t.co/ZzevTSSDPk

8

68

7

14

19K

4 days ago

@urharmless @DarkWebInformer @g7ndh @CTI__Updates @haveibeenpwned Because it doesn’t help answer the question that’s literally in the service’s name. HIBP consciously serves just one very specific purpose, happy others are doing stuff like @DarkWebInformer is though 👍

0

5

1

0

208

troyhunt retweeted

4 days ago

New breach: The University of Nottingham was targeted in a ShinyHunters extortion campaign exposing 455k email addresses this week. Data included name, address, phone, ethnicity, disability & academic enrolment info. 47% were already in @haveibeenpwned https://t.co/F3EOQ3mTlc

4

41

15

11

10K

6 days ago

@LisaForteUK @maxsec What I really dislike about the narrative (especially from the UK), is that this is just a Trojan horse to digitally ID everyone. Not only has this not been the case, it diminishes the real harms social media can cause to those least equipped to handle it.

1

2

0

139

6 days ago

@LisaForteUK @maxsec We’ve only had the law since Dec so it’s early days but yes, responsibility is on the tech firms to implement. There have been some warnings from the gov about insufficient measures, but no penalties yet AFAIK.

1

2

0

92

6 days ago

@maxsec @LisaForteUK More or less, yes, but depends on what people mean by ”work” (saying this as the father of a 13 year old). Lots of kids get around many of the age gates some of the time, but it’s generally changing behaviours. There’s a good reason this is rolling out in so many countries.

1

3

0

132

troyhunt retweeted

NinjaOne

@ninjaone

7 days ago

Most vulnerability management programs are built around periodic scans. But a threat landscape that moves in hours doesn't wait for your next scan cycle. ⏳ @troyhunt joined us to talk about what real-time, remediation-connected vulnerability management looks like. This is such a long overdue conversation for anyone still running scan-and-pray workflows. Watch on-demand: https://t.co/Cbm3OCM4aw

0

4

1

3

4K

troyhunt retweeted

8 days ago

New breach: Baker Distributing had 103k unique email addresses allegedly exposed after appearing on the ShinyHunters "pay or leak" site. The data was mostly corporate contact info including names, addresses and phones. 50% were already in @haveibeenpwned: https://t.co/PmfWpHKRie

3

24

7

10K

8 days ago

Going live with my weekly vid in 10 mins! Have I Been Pwned Passes 1,000 Data Breaches: Join Me for a Commemorative Beer 🍺 https://t.co/QIKdd0e5st

1

7

1

9K

8 days ago

I’ve had so many discussions with breached organisations considering if they should disclose. This is the scenario I always paint: one day, the truth may come out, and you’ll forever be waiting for that day when you’re going to have a *really* serious problem.

TechCrunch

@TechCrunch

9 days ago

Former cyber executive turned whistleblower accuses IBM of covering up several data breaches https://t.co/M33Qnr8fpG

11

157

61

37

65K

1

95

14

9

15K

troyhunt retweeted

10 days ago

New breach: BCD Travel was targeted in a ShinyHunters extortion campaign that published 396k email addresses this week. Other data included name, address, phone, job title and support tickets. 28% were already in @haveibeenpwned. Read more: https://t.co/tY9awopINM

6

26

10

3

10K