Troy Hunt
@troyhunt.com
Creator of Have I Been Pwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Reposted by Troy Hunt
New breach: Under Armour was the victim of a ransomware attack in November. Customer data was published to a hacking forum this week and includes 72M email addresses, along with other personal information. 76% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Under...
Have I Been Pwned: Under Armour Data Breach
In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data fro...
haveibeenpwned.com
January 21, 2026 at 6:50 AM
New breach: Under Armour was the victim of a ransomware attack in November. Customer data was published to a hacking forum this week and includes 72M email addresses, along with other personal information. 76% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Under...
Reposted by Troy Hunt
New breach: Indian streaming music service Raaga allegedly had 10M records breached last month. Data included email, name, gender, age, postcode and unsalted MD5 password hash. 60% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Raaga
Have I Been Pwned: Raaga Data Breach
In December 2025, data allegedly breached from the Indian streaming music service "Raaga" was posted for sale to a popular hacking forum. The data contained 10M unique email addresses along with names...
haveibeenpwned.com
January 19, 2026 at 5:40 PM
New breach: Indian streaming music service Raaga allegedly had 10M records breached last month. Data included email, name, gender, age, postcode and unsalted MD5 password hash. 60% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Raaga
Weekly update is up! A Fully Automated Explanation of “AI Slop” — Why the Internet Thinks Everything Made by Computers Is Now Wet Garbage
www.troyhunt.com/weekly-updat...
www.troyhunt.com/weekly-updat...
Weekly Update 487
I thought Scott would cop it first when he posted about what his solar system really cost him last year. "You're so gonna get that stupid AI-slop response from some people", I joked. But no, he got other...
www.troyhunt.com
January 18, 2026 at 11:33 PM
Weekly update is up! A Fully Automated Explanation of “AI Slop” — Why the Internet Thinks Everything Made by Computers Is Now Wet Garbage
www.troyhunt.com/weekly-updat...
www.troyhunt.com/weekly-updat...
Reposted by Troy Hunt
New breach: France's Pass'Sport had 6.5M email addresses breached and posted publicly last month. Data included name, phone, gender and physical address. 71% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/PassS...
Have I Been Pwned: Pass'Sport Data Breach
In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum. Initially misattributed to CAF (the French family allowance fund), the data contained 6.5M unique email a...
haveibeenpwned.com
January 18, 2026 at 4:31 PM
New breach: France's Pass'Sport had 6.5M email addresses breached and posted publicly last month. Data included name, phone, gender and physical address. 71% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/PassS...
I’m live from Oslo! A Fully Automated Explanation of “AI Slop” — Why the Internet Thinks Everything Made by Computers Is Now Wet Garbage www.youtube.com/live/r9i8zDp...
January 16, 2026 at 3:28 PM
I’m live from Oslo! A Fully Automated Explanation of “AI Slop” — Why the Internet Thinks Everything Made by Computers Is Now Wet Garbage www.youtube.com/live/r9i8zDp...
Weekly update is up! I'm in Oslo; The WhiteDate Breach; The Instagram Scraped Data (and password resets) www.troyhunt.com/weekly-updat...
Weekly Update 486
I’m in Oslo! Flighty is telling me I’ve flown in or out of here 43 times since a visit in 2014 set me on a new path professionally and, many years later, personally. It’s special here, like a second…
www.troyhunt.com
January 16, 2026 at 6:40 AM
Weekly update is up! I'm in Oslo; The WhiteDate Breach; The Instagram Scraped Data (and password resets) www.troyhunt.com/weekly-updat...
Occasionally, someone takes issue with me flagging a data breach as "sensitive" such that the email addresses can't be publicly searched because they want to dox the users. That's a *really* bad idea, for many reasons: www.troyhunt.com/who-decides-...
Who Decides Who Doesn’t Deserve Privacy?
Remember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data breach of all time. There are many reasons for this accolade, but…
www.troyhunt.com
January 13, 2026 at 11:42 AM
Occasionally, someone takes issue with me flagging a data breach as "sensitive" such that the email addresses can't be publicly searched because they want to dox the users. That's a *really* bad idea, for many reasons: www.troyhunt.com/who-decides-...
Going live with my weekly vid... now! I'm in Oslo; The WhiteDate Breach; The Instagram Scraped Data (and password resets) www.youtube.com/watch?v=x_70...
Weekly Update 486
I'm in Oslo; The WhiteDate Breach; The Instagram Scraped Data (and password resets)
www.youtube.com
January 13, 2026 at 8:09 AM
Going live with my weekly vid... now! I'm in Oslo; The WhiteDate Breach; The Instagram Scraped Data (and password resets) www.youtube.com/watch?v=x_70...
Reposted by Troy Hunt
New scrape: Instagram allegedly had 17M rows of largely public data scraped from an API and posted to a hacking forum this week. 6.2M rows also included an email address, and some rows a phone number. 100% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Insta...
Have I Been Pwned: Instagram Data Breach
In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum. The dataset contained 17M rows of public Instagram information, including usernames, display names, ...
haveibeenpwned.com
January 11, 2026 at 5:03 PM
New scrape: Instagram allegedly had 17M rows of largely public data scraped from an API and posted to a hacking forum this week. 6.2M rows also included an email address, and some rows a phone number. 100% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Insta...
Reposted by Troy Hunt
New breach: A reincarnation of BreachForums was breached in Aug before being taken down by law enforcement agencies in Oct. Data included 672k unique email addresses across user, post and private message tables. 53% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Breac...
Have I Been Pwned: BreachForums (2025) Data Breach
In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months lead...
haveibeenpwned.com
January 11, 2026 at 8:49 AM
New breach: A reincarnation of BreachForums was breached in Aug before being taken down by law enforcement agencies in Oct. Data included 672k unique email addresses across user, post and private message tables. 53% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Breac...
Weekly update is up! Live from Dubai with @scotthelme.bsky.social! My Changing View on Sponsorships; Scott on Moving to Dubai; On the Overhead of Support www.troyhunt.com/weekly-updat...
Weekly Update 485
15 mins and 40 seconds. That's how long it took to troubleshoot the first tech problem of 2026, and that's how far you'll need to skip through this video to hear the audio at normal volume. The proble...
www.troyhunt.com
January 7, 2026 at 6:28 AM
Weekly update is up! Live from Dubai with @scotthelme.bsky.social! My Changing View on Sponsorships; Scott on Moving to Dubai; On the Overhead of Support www.troyhunt.com/weekly-updat...
Reposted by Troy Hunt
New sensitive breach: Europid dating service WhiteDate had 6k unique emails breached last month, among extensive other personal data including physical attributes and IQ level. 59% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/White...
Have I Been Pwned: WhiteDate Data Breach
In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that exposed 6k unique email addresses. The breach exposed extensive further personal information including...
haveibeenpwned.com
January 6, 2026 at 6:36 AM
New sensitive breach: Europid dating service WhiteDate had 6k unique emails breached last month, among extensive other personal data including physical attributes and IQ level. 59% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/White...
We’re Live from Dubai with Scott Helme! My Changing View on Sponsorships; Scott on Moving to Dubai; On the Overhead of Support
Weekly Update 485
Live from Dubai with Scott Helme! My Changing View on Sponsorships; Scott on Moving to Dubai; On the Overhead of Support
www.youtube.com
January 3, 2026 at 1:58 AM
We’re Live from Dubai with Scott Helme! My Changing View on Sponsorships; Scott on Moving to Dubai; On the Overhead of Support
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: www.troyhunt.com/weekly-updat...
Weekly Update 484
I think the start of this week's video really nailed it for the techies amongst us: shit doesn't work, you change something random and now shit works and yu have no idea why 🤷♂️ Such was my audio…
www.troyhunt.com
December 28, 2025 at 9:35 AM
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: www.troyhunt.com/weekly-updat...
Reposted by Troy Hunt
New breach: WIRED magazine had 2.3M records allegedly breached from parent company Condé Nast and published online this week. Data included email and display name, some records contained additional personal data. 81% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/WIRED
Have I Been Pwned: WIRED Data Breach
In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Condé Nast were published online. The most recent data dated back to the previous September and exposed em...
haveibeenpwned.com
December 28, 2025 at 12:16 AM
New breach: WIRED magazine had 2.3M records allegedly breached from parent company Condé Nast and published online this week. Data included email and display name, some records contained additional personal data. 81% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/WIRED
Big thanks to @malwarebytes.com for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Browser Guard: 100% free ad blocker browser extension
Malwarebytes Browser Guard for Chrome, Firefox, Safari and Edge helps protect your online privacy from ad trackers and more.
www.malwarebytes.com
December 27, 2025 at 2:43 AM
Big thanks to @malwarebytes.com for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Going live with my weekly update in 10 mins! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
Weekly Update 484
Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
www.youtube.com
December 26, 2025 at 10:30 PM
Going live with my weekly update in 10 mins! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
Reposted by Troy Hunt
New breach: Russian airline Utair had 400k customer email addresses breached in 2019 and discovered the following year. Data also included name, physical address, DoB and passport number. 79% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Utair
Have I Been Pwned: Utair Data Breach
In August 2020, news broke of a data breach of Russian airline Utair that dated back to the previous year. The breach contained over 400k unique email addresses along with extensive personal informati...
haveibeenpwned.com
December 26, 2025 at 9:02 PM
New breach: Russian airline Utair had 400k customer email addresses breached in 2019 and discovered the following year. Data also included name, physical address, DoB and passport number. 79% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Utair
Reposted by Troy Hunt
A good mix of real security fails & a healthy dose of snark. @eff.org: 'The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year.' Congrats (?) @troyhunt.com? www.eff.org/deeplinks/20... #cybersecurity @gate15.bsky.social @campuscodi.risky.biz @ransomwaresommelier.com
The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year
Another year has come and gone, and with it, thousands of data breaches that affect millions of people. The question these days is less, Is my information in a data breach this year? and more How many...
www.eff.org
December 22, 2025 at 12:31 PM
A good mix of real security fails & a healthy dose of snark. @eff.org: 'The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year.' Congrats (?) @troyhunt.com? www.eff.org/deeplinks/20... #cybersecurity @gate15.bsky.social @campuscodi.risky.biz @ransomwaresommelier.com
Reposted by Troy Hunt
New sensitive breach: Russian pharmaceutical company Gemotest had 31M records with 6.3M unique email addresses breached in 2022. Data included name, DoB, physical address, passport and insurance numbers. 70% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Gemot...
Have I Been Pwned: Медицинская лаборатория Гемотест (Gemotest) Data Breach
In April 2022, Russian pharmaceutical company Gemotest suffered a data breach that exposed 31 million patients. The data contained 6.3 million unique email addresses along with names, physical address...
haveibeenpwned.com
December 24, 2025 at 2:46 AM
New sensitive breach: Russian pharmaceutical company Gemotest had 31M records with 6.3M unique email addresses breached in 2022. Data included name, DoB, physical address, passport and insurance numbers. 70% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Gemot...
Weekly update is up! IoT all the things! A full walkthrough of all the connected stuff, warts and all. www.troyhunt.com/weekly-updat...
Weekly Update 483
Building out an IoT environment is a little like the old Maslow's Hierarchy of Needs. All the stuff on the top is only any good if all the stuff on the bottom is good, starting with power. This week,…
www.troyhunt.com
December 21, 2025 at 1:22 AM
Weekly update is up! IoT all the things! A full walkthrough of all the connected stuff, warts and all. www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 10 minutes! IoT all the things! A full walkthrough of all the connected stuff, warts and all. youtube.com/live/M5eRKlO...
Weekly Update 483
IoT all the things! A full walkthrough of all the connected stuff, warts and all.
youtube.com
December 18, 2025 at 10:20 PM
Going live with my weekly vid in 10 minutes! IoT all the things! A full walkthrough of all the connected stuff, warts and all. youtube.com/live/M5eRKlO...
Big thanks to @1password.bsky.social for sponsoring my blog this week! 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
Enterprise Password Manager | 1Password
Secure sensitive data and combat shadow IT using 1Password, an enterprise password manager designed for effective team-wide password management and security.
1password.com
December 18, 2025 at 9:41 PM
Big thanks to @1password.bsky.social for sponsoring my blog this week! 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
Reposted by Troy Hunt
New breach: French vehicle inspection company AUTOSUR had 10M records with 487k unique email addresses breached in March. Data also included name, address, phone and vehicle details. 78% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/AUTOSUR
Have I Been Pwned: AUTOSUR Data Breach
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data inclu...
haveibeenpwned.com
December 18, 2025 at 5:17 AM
New breach: French vehicle inspection company AUTOSUR had 10M records with 487k unique email addresses breached in March. Data also included name, address, phone and vehicle details. 78% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/AUTOSUR