Has your email been hacked?

Alex Zaharov-Reutt
Friday, 24 June 2011 11:54

Your IT - Home IT

Sydneysider Daniel Grzelak has put together an online database of compromised email accounts, easily searchable, to let end-users type in their email addresses to see whether they come up on the list of hacked email addresses - or not.

With so many email accounts and other personal details having leaked due to intense hacker activity, Sydneysider Daniel Grzelak has decided to put together a website letting people see whether their email addresses appear on the lists of hacked information.

Mr Grzelak's site is called 'Should I change my password?' and claims not to have anyone's password listed on the site, nor to store anyone's email address, but simply exists as a mechanism to let people see if their email address (and whatever password was used for that address on blogs or other sites) is known to the various hacker collectives.

I tried typing in one of my addresses, which came up, and another, which did not, and looking at the sources Mr Grzelak used, I was reminded that one of my email addresses was breached in the Gawker attack.

Thankfully I didn't use any of my important passwords when I signed up to Gawker, but as many, many people seem to use the exact same password for all their online activities, Mr Grzelak's site is yet another ear-piercing wake-up call to everyone to never use the same password twice.

In the 'About' section of Mr Grzelak's site, he notes that: 'LulzSec and other groups have been hacking an assortment of prominent organisations. For good or for bad, they have also been publishing their databases, which typically include emails and passwords. Given that most people re-use their passwords, this site allows the average person to check if their password(s) may have been compromised and need to be changed.'

As Mr Gzelak reminds us all: 'Note that no passwords are stored in this database', along with another 'privacy note' stating: 'The email you enter will NOT be stored, transmitted, or otherwise used beyond this check by me or this website.'

He also lists his Twitter address @dagrz for anyone that might have 'questions or concerns', where he also lists his Facebook page for people to post 'war stories and suggestions'.

In Mr Grzelak's 'FAQ' section, he poses some questions and answers. In answer to the question 'Is this a phishing site and why should I trust it?', the answer is listed as: 'This is not a phishing site and has been vetted by a number of trustworthy individuals and organisations (see media). As the author I am also providing my contact details so you can contact me and make the decision for yourself.'

More details on page two, please read on!