Let me start with this headline [http://www.reuters.com/article/us-cyber-passwords-idUSKCN0XV1I6]: Other headlines went on to suggest that you need to change your password right now [http://www.iflscience.com/technology/millions-passwords-hotmail-gmail-and-yahoo-have-been-stolen] if you're using the likes of Hotmail or Gmail, among others. The strong implication across the stories I've read is that these mail providers have been hacked and now there's a mega-list of stolen accounts floating...

I've just been reading Kingpin by Kevin Poulsen [http://www.amazon.com.au/Kingpin-Butler-master-billion-network-ebook/dp/B006FLRFQK?ie=UTF8&keywords=kingpin%20hacker&qid=1461881397&ref_=sr_1_1&sr=8-1] which sheds some really interesting light on criminal credit card fraud in the mid 2000's. Towards the end of the book, there's a reference to a 1997 case in which the government persuades the sentencing judge to permanently seal the court transcripts for fear that disclosure would impact the targ...

I certainly didn't expect it would go this far when I built Have I been pwned [https://haveibeenpwned.com/] (HIBP) a few years ago, but I've just loaded the 100th data breach into the system. This brings it to a grand total of 336,724,945 breached accounts that have been loaded in over the years, another figure I honestly didn't expect to see. But there's something a bit different about this 100th data breach - it was provided to me by the site that was breached themselves. It was self-submitte...

Update (just a couple of hours later): We're fixed! By all means, read the background it you're having similar problems or jump to the bottom for the solution. -------------------------------------------------------------------------------- I'm writing this post because I've pretty much exhausted all other avenues. I'm out of ideas. I'm stumped. I'm also missing a truckload of Disqus comments that should be appearing on many of the blog posts I've just migrated. Let me explain what I've done...

It's been 434 blog posts over six and a half years. It's gone from being excited about a hundred visitors in a week to hundreds of thousands on a big day. It's taken me from a hobby to a career. In so many ways, this blog has defined who I am and what I do today but finally, it was time for a change. You're now reading an all new blog in an all new design on an all new platform. The content is the only thing that remains and I've literally rebuilt everything from the ground up over the last few...

Remember when OPM got breached last year [https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach]? There was a lot of excitement in various parts of the world (namely the US) because here we had a government department (Office of Personnel Management), and they’d just lost 21.5 million records! These records included such sensitive data as names, dates of birth and addresses and by any reasonable measure, it was serious – that’s almost 7% of the country’s population! Yet some...

A little while back, I wrote about how Lenovo were sending me some things as part of their Insiders program [https://www.troyhunt.com/2016/02/kids-and-code-simple-programming-on.html] which meant getting to use a number of machines I probably wouldn’t have thought twice about otherwise. The Yoga 900 in that blog post, for example, is not something I would have normally considered for myself as I like a physically larger, gruntier machine yet it’s turned out to be one of the best laptops I’ve eve...

It’s now going on two and a half years since I launched Have I been pwned [https://haveibeenpwned.com/] (HIBP) and I’m continually amazed by how much has happened in that time. It started out with a “mere” 152M breached records and has now more than doubled in volume, I’ve added an API, notifications, domain searches, pastes and a heap of other things both visible to the public and behind the scenes. It’s also gone from a hobby project which I thought only a few curious technology people would v...

Each year since 2011, on April first (yeah, I know…), I’ve looked for one of these to land in my inbox and fortunately, this year didn’t disappoint: The MVP program has been an enormously fulfilling thing to be a part of these last five years. It’s been great for the connections I’ve made, the access to folks in Microsoft and the community engagements it’s lead to, particularly in my post-corporate life as an independent. Now yes, I’ve been misquoted as “Troy Hunt from Microsoft” many, many t...

I love this Google Play store review of the NissanConnect app which had such terrible security issues recently [https://www.troyhunt.com/2016/02/controlling-vehicle-features-of-nissan.html]: > I may print and frame this: pic.twitter.com/P0hu7E08GQ [https://t.co/P0hu7E08GQ] — Troy Hunt (@troyhunt) March 17, 2016 [https://twitter.com/troyhunt/status/710604327186931712] I join a long line of stupid security folks who’ve messed things up for other people. Sometimes people have been unable to purc...