Troy Hunt
@troyhunt.com
Creator of Have I Been Pwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Reposted by Troy Hunt
New breach: Russian streaming service KinoKong had over 800k records breached in March 2021. Data included email, name, username, IP address and MD5 password hash. 64% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/KinoK...
Have I Been Pwned: KinoKong Data Breach
In March 2021, the Russian online streaming service KinoKong suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 800k unique email addresses...
haveibeenpwned.com
December 6, 2025 at 8:16 AM
New breach: Russian streaming service KinoKong had over 800k records breached in March 2021. Data included email, name, username, IP address and MD5 password hash. 64% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/KinoK...
Weekly update is up! It's @haveibeenpwned.com's 12th-birthday celebrtation, with special guest Charlotte Hunt 😊 www.troyhunt.com/weekly-updat...
Weekly Update 481
Twelve years (and one day) since launching Have I Been Pwned, it's now a service that Charlotte and I live and breathe every day. From the first thing every morning to the last thing each day, from ho...
www.troyhunt.com
December 5, 2025 at 7:16 AM
Weekly update is up! It's @haveibeenpwned.com's 12th-birthday celebrtation, with special guest Charlotte Hunt 😊 www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 15 mins! It's the Have I Been Pwned 12th Birthday Special with Charlotte! youtube.com/live/fKkcx4d...
Weekly Update 481
It's the Have I Been Pwned 12th Birthday Special with Charlotte! Sponsored by Report URIhttps://www.troyhunt.com/weekly-update-480/
youtube.com
December 4, 2025 at 9:45 PM
Going live with my weekly vid in 15 mins! It's the Have I Been Pwned 12th Birthday Special with Charlotte! youtube.com/live/fKkcx4d...
I've had this dumb report too many times, and Bruce has finally tipped me over the edge. @haveibeenpwned.com is a real service that looks up email addresses in actual data breaches, but some people don't understand what an email address actually is www.troyhunt.com/why-does-hav...
Why Does Have I Been Pwned Contain "Fake" Email Addresses?
Normally, when someone sends feedback like this, I ignore it, but it happens often enough that it deserves an explainer, because the answer is really, really simple. So simple, in fact, that it should...
www.troyhunt.com
December 3, 2025 at 11:38 PM
I've had this dumb report too many times, and Bruce has finally tipped me over the edge. @haveibeenpwned.com is a real service that looks up email addresses in actual data breaches, but some people don't understand what an email address actually is www.troyhunt.com/why-does-hav...
Happy birthday @haveibeenpwned.com! 12 years ago today, I pushed out a blog post launching a little data breach search tool, and life changed forever. Reading the post again now, did I get it right? 😎 www.troyhunt.com/introducing-...
Introducing “Have I been pwned?” – aggregating accounts across website breaches
I often write up analyses of the passwords disclosed in website breaches. For
example, there was A brief Sony password analysis
[https://www.troyhunt.com/2011/06/brief-sony-password-analysis.html] bac...
www.troyhunt.com
December 3, 2025 at 8:02 PM
Happy birthday @haveibeenpwned.com! 12 years ago today, I pushed out a blog post launching a little data breach search tool, and life changed forever. Reading the post again now, did I get it right? 😎 www.troyhunt.com/introducing-...
Reposted by Troy Hunt
New breach: The Nissan 240SX Silvia and Z Fairlady car forum Zilvia[.]net had 288k records breached and leaked in Nov. Data included email and IP address, username and salted MD5 password hash. 81% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Zilvia
Have I Been Pwned: Zilvia.net Data Breach
In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email addresses along with usernames, IP addresses and salte...
haveibeenpwned.com
December 1, 2025 at 7:42 AM
New breach: The Nissan 240SX Silvia and Z Fairlady car forum Zilvia[.]net had 288k records breached and leaked in Nov. Data included email and IP address, username and salted MD5 password hash. 81% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Zilvia
Weekly update is up! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification www.troyhunt.com/weekly-updat...
Weekly Update 480
Well, I now have the answer to how Snapchat does age verification for under-16s: they give an underage kid the ability to change their date of birth, then do a facial scan to verify. The facial scan…
www.troyhunt.com
December 1, 2025 at 7:42 AM
Weekly update is up! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 15 mins! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification youtube.com/live/er_acho...
Weekly Update 480
The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification; Sponsored by Report URI
youtube.com
November 27, 2025 at 9:45 PM
Going live with my weekly vid in 15 mins! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification youtube.com/live/er_acho...
Reposted by Troy Hunt
New breach: The China Software Developer Network (CSDN) had 6.4M records breached in 2011. Data included email address, username and plain text password. 80% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/CSDN
Have I Been Pwned: China Software Developer Network Data Breach
In 2011, the China Software Developer Network (CSDN) suffered a data breach that exposed over 6M user records. The data included email addresses alongside usernames and plain text passwords.
haveibeenpwned.com
November 27, 2025 at 5:53 AM
New breach: The China Software Developer Network (CSDN) had 6.4M records breached in 2011. Data included email address, username and plain text password. 80% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/CSDN
Reposted by Troy Hunt
New breach: Online coding practice tool CodeStepByStep had 17k records breached last week. Data included name, username and email address. 61% were already in @haveibeenpwned.com . Read more: haveibeenpwned.com/Breach/CodeS...
Have I Been Pwned: CodeStepByStep Data Breach
In November 2025, the online coding practice tool CodeStepByStep suffered a data breach that exposed 17k records. The impacted data included names, usernames and email addresses.
haveibeenpwned.com
November 23, 2025 at 5:57 AM
New breach: Online coding practice tool CodeStepByStep had 17k records breached last week. Data included name, username and email address. 61% were already in @haveibeenpwned.com . Read more: haveibeenpwned.com/Breach/CodeS...
Weekly update is up! Record (?) HIBP Traffic Month; The Week in Breaches; IoT Water Meter Reader with Home Assistant and AI www.troyhunt.com/weekly-updat...
Weekly Update 479
I gave up on the IoT water meter reader. Being technical and thinking you can solve everything with technology is both a blessing and a curse; dogged persistence has given me the life I have today,…
www.troyhunt.com
November 23, 2025 at 5:46 AM
Weekly update is up! Record (?) HIBP Traffic Month; The Week in Breaches; IoT Water Meter Reader with Home Assistant and AI www.troyhunt.com/weekly-updat...
Reposted by Troy Hunt
New breach: In March, 1.8M records allegedly obtained from the ADDA housing societies service was posted to a public hacking forum. Data included email, name, phone and MD5 password hash. 67% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/ADDA
Have I Been Pwned: ADDA Data Breach
In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum. The data contained over 1.8M unique email addresses along with names, phone numbers...
haveibeenpwned.com
November 23, 2025 at 1:24 AM
New breach: In March, 1.8M records allegedly obtained from the ADDA housing societies service was posted to a public hacking forum. Data included email, name, phone and MD5 password hash. 67% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/ADDA
Big thanks to @1password.bsky.social for sponsoring my blog this week. 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
SaaS Governance: Discover, govern, and optimize SaaS spending with Trelica by 1Password | 1Password
Modern SaaS governance is complex. Trelica by 1Password solves these challenges by providing deep visibility, automation & actionable insights to reduce risk.
1password.com
November 22, 2025 at 2:04 AM
Big thanks to @1password.bsky.social for sponsoring my blog this week. 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
Going live with my weekly vid in 15 mins! Record (?) HIBP Traffic Month; The Week in Breaches; IoT Water Meter Reader with Home Assistant and AI youtube.com/live/h4lzcex...
Weekly Update 479
Record (?) HIBP Traffic Month; The Week in Breaches; IoT Water Meter Reader with Home Assistant and AI; Sponsored by 1Password
youtube.com
November 20, 2025 at 11:15 PM
Going live with my weekly vid in 15 mins! Record (?) HIBP Traffic Month; The Week in Breaches; IoT Water Meter Reader with Home Assistant and AI youtube.com/live/h4lzcex...
Reposted by Troy Hunt
New breach: The International Kiteboarding Organization had 340k records breached this month. Data included email address, name, username and geolocation. 70% were already in @haveibeenpwned.com . Read more: haveibeenpwned.com/Breach/IKO
Have I Been Pwned: International Kiteboarding Organization Data Breach
In November 2025, the International Kiteboarding Organization suffered a data breach that exposed 340k user records. The data was subsequently listed for sale on a hacking forum and included email add...
haveibeenpwned.com
November 20, 2025 at 10:52 PM
New breach: The International Kiteboarding Organization had 340k records breached this month. Data included email address, name, username and geolocation. 70% were already in @haveibeenpwned.com . Read more: haveibeenpwned.com/Breach/IKO
Reposted by Troy Hunt
New breach: Beckett Collectibles experienced a breach and website content defacement this month. A portion of the data leaked publicly, including more than 500k alleged North American email addresses. 84% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Beckett
Have I Been Pwned: Beckett Collectibles Data Breach
In November 2025, Beckett Collectibles experienced a data breach accompanied by website defacement. The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequent...
haveibeenpwned.com
November 20, 2025 at 5:49 AM
New breach: Beckett Collectibles experienced a breach and website content defacement this month. A portion of the data leaked publicly, including more than 500k alleged North American email addresses. 84% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Beckett
Reposted by Troy Hunt
New breach: Eurofiber France had 10k unique email addresses breached last week in an attack on its ticket management platform. Some records also included name and phone number. 33% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Eurof...
Have I Been Pwned: Eurofiber Data Breach
In November 2025, Eurofiber France disclosed a data breach of its ticket management platform. Data containing 10k unique email addresses and a smaller number of names and phone numbers was subsequentl...
haveibeenpwned.com
November 20, 2025 at 2:52 AM
New breach: Eurofiber France had 10k unique email addresses breached last week in an attack on its ticket management platform. Some records also included name and phone number. 33% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Eurof...
Reposted by Troy Hunt
New breach: Vultr had 188k email addresses breached via a security incident at a third-party in 2022. Some records also contained name, IP and country. 44% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Vultr
Have I Been Pwned: Vultr Data Breach
In March 2023, the "AI-first global cloud platform" Vultr disclosed a security incident at a third-party vendor. Dating back to the previous year, the incident was attributed to the ActiveCampaign ema...
haveibeenpwned.com
November 20, 2025 at 1:29 AM
New breach: Vultr had 188k email addresses breached via a security incident at a third-party in 2022. Some records also contained name, IP and country. 44% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Vultr
We’ve had an absolutely MASSIVE month at @haveibeenpwned.com! 20M visitors, billions of processed records, a major rewrite of our ingestion pipeline (thanks @stebet.net!) and seemingly endless support tickets and other enquires. Every time I think it’s peaked…
November 19, 2025 at 8:18 PM
We’ve had an absolutely MASSIVE month at @haveibeenpwned.com! 20M visitors, billions of processed records, a major rewrite of our ingestion pipeline (thanks @stebet.net!) and seemingly endless support tickets and other enquires. Every time I think it’s peaked…
Weekly update is up! Home Sweet Home; Lessons From Processing Those 2B Email Addresses; I Spoke at Europol in The Hague; Operation Endgame 3.0 www.troyhunt.com/weekly-updat...
Weekly Update 478
This week, it was an absolute privilege to be at Europol in The Hague, speaking about cyber offenders and at the InterCOP conference and spending time with some of the folks involved in the Operation…
www.troyhunt.com
November 16, 2025 at 11:33 PM
Weekly update is up! Home Sweet Home; Lessons From Processing Those 2B Email Addresses; I Spoke at Europol in The Hague; Operation Endgame 3.0 www.troyhunt.com/weekly-updat...
Big thanks to Malwarebytes for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Browser Guard: 100% free ad blocker browser extension
Malwarebytes Browser Guard for Chrome, Firefox, Safari and Edge helps protect your online privacy from ad trackers and more.
www.malwarebytes.com
November 15, 2025 at 1:58 AM
Big thanks to Malwarebytes for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Going live with my weekly vid in half an hour! Home Sweet Home; Lessons From Processing Those 2B Email Addresses; I Spoke at Europol in The Hague; Operation Endgame 3.0 youtube.com/live/B46JhYw...
Weekly Update 478
Home Sweet Home; Lessons From Processing Those 2B Email Addresses; I Spoke at Europol in The Hague; Operation Endgame 3.0; Sponsored by Malwarebytes
youtube.com
November 14, 2025 at 10:30 PM
Going live with my weekly vid in half an hour! Home Sweet Home; Lessons From Processing Those 2B Email Addresses; I Spoke at Europol in The Hague; Operation Endgame 3.0 youtube.com/live/B46JhYw...
Weekly update is up: I’m in Belgium! Here’s everything that went wrong with loading 2 billion breached email addresses… www.troyhunt.com/weekly-updat...
Weekly Update 477
What. A. Week. It wasn't just the preceding weeks of technical pain as we tried to work out how to get this data loaded, it was all the subsequent queries we had to deal with too. Some of them are…
www.troyhunt.com
November 12, 2025 at 11:31 PM
Weekly update is up: I’m in Belgium! Here’s everything that went wrong with loading 2 billion breached email addresses… www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 10 mins: I’m in Belgium! Here’s reaching that went wrong with loading 2 billion breached email addresses…
Weekly Update 477
I’m in Belgium! Here’s reaching that went wrong with loading 2 billion breached email addresses…
www.youtube.com
November 9, 2025 at 7:50 AM
Going live with my weekly vid in 10 mins: I’m in Belgium! Here’s reaching that went wrong with loading 2 billion breached email addresses…
Reposted by Troy Hunt
New sensitive breach: Hungarian political party TISZA suffered a breach of its TISZA Világ platform last month, exposing 200k records, later published online. Data included email, name, phone & physical address. 41% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Tisza
Have I Been Pwned: TISZA Világ Data Breach
In November 2025, data breached from the Hungarian political party TISZA was extensively redistributed online. Stemming from a compromise of the TISZA Világ service the previous month, the breach expo...
haveibeenpwned.com
November 8, 2025 at 10:11 AM
New sensitive breach: Hungarian political party TISZA suffered a breach of its TISZA Világ platform last month, exposing 200k records, later published online. Data included email, name, phone & physical address. 41% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Tisza