Has your private information been compromised in a Data Breach?

Top 10 Data Breaches
152,445,165 - Adobe accounts
30,811,934 - Ashley Madison accounts
13,545,468 - 000webhost accounts
4,833,678 - VTech accounts
4,821,262 - mail.ru Dump accounts
4,789,599 - Bitcoin Security Forum Gmail Dump accounts
4,609,615 - Snapchat accounts
4,483,605 - Money Bookers accounts
3,867,997 - Adult Friend Finder accounts
3,619,948 - Neteller accounts
See All Data Breaches​

Check if you have an account that has been compromised in a data breach​

What is the website all about?
The Have I Been Pwned?* site came about after what to date, remains the largest ever single breach of customer accounts — Adobe. I often did post-breach analysis of user credentials and kept finding the same accounts exposed over and over again, often with the same passwords which then put the victims at further risk of their other accounts being compromised.

The FAQs page goes into a lot more detail, but all the data on this site comes from publicly leaked "breaches" or in other words, personal account data that has been illegally accessed then released into the public domain. Have I been pwned? aggregates it and makes it readily searchable.

*Pwned-to conquer, to gain ownership.

 

Hey Brent,
I know how you feel, because I just got my letter in the mail yesterday. I wasn't in the Military, but worked for Tennessee Valley Authority for years at a nuclear plant.

Three things that came to mind regarding this:

1)Why the government went with myIDcare? A company I've never heard of and in the August 2015 article entitled:

"Seeking Identity Protection? Read This Review First"​

they were not even reviewed...in fact, the reviewer had never even heard of them before...

Kae,

What about myIDcare.? Any insights?




Hi Kae,

We did not research myIdcare, but we will consider them in our next audit. Thanks for bringing them to our attention!


Paul​

2)Now that (yet) another company has my information, how secure is their database?

3)Why is the 2nd (or even 3rd!) OPM Breach not even listed on the See All Data Breaches webpage?

P.S.
I was kind of surprised to see that LifeLock only made 3rd place in the review.

 

The government's official response...

What happened in the background investigation records incident?
◦ 
Earlier this year, OPM discovered malicious cyber activity on their network. It was later determined that the activity resulted in the theft of background investigation records of current, former, and prospective Federal employees and contractors from OPM’s systems. OPM and the interagency incident response team have concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases. OPM has partnered with the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT), and the Federal Bureau of Investigation (FBI) to investigate and determine the full impact to Federal personnel. Federal law enforcement agencies continue to investigate the matter and assist with remediation efforts.

What is MyIDCare?
◦ 
MyIDCare is the brand name of ID Experts’ identity-monitoring product being offered to you if you were impacted by the background investigation records incident.​

And now for the rest of the story…

A Timeline of Government Data Breaches
After it was revealed in June that two large-scale hacks at the Office of Personnel Management resulted in the theft of millions of employee personnel files and sensitive security-clearance information, members of Congress called a series of committee hearings to get to the bottom of the events that led to the hacks.

Those hearings landed recently resigned OPM Director Katherine Archuleta in the hot seat, where she was grilled for her handling of the agency’s data security and IT practices in the leadup to the breaches. In one heated exchange last month, Sen. John McCain struck out at Archuleta for withholding information about the breaches, and for not herself meeting with the FBI after the hack occurred. Just one day before, House Oversight Committee Chairman Jason Chaffetz accused Archuleta of lying outright about...​

*-Don't miss the minor detail, that government employee data was stored non-encrypted. :swoon:

 

Out of curiosity, was it a company called...

​

I ask because when myIDcare was offered to me for FREE, I was surprised (if not somewhat suspicious) when I could only turn up so little information about them and the fact they didn't even exist before 2012.

The Good

• Preferred Government Contractor
• 13 Years In Business
• Covers 9 Types Of Identity Theft
• $1 Million Insurance Amount

The Bad

• Only Available Through Participating Businesses
• Does Not Provide Analytical System

NOTE: IDExperts owns myIDCare. See Customer Reviews here.​

 

Another website that can check your username, email, actual name, phone number or even IP Address is LEAKEDSOURCE. You can check any of those for free, or sign up for as little as $4 to get a full report with all of the actual RAW data that was leaked.