ALERT! many emails/passwords leaked. Save Your butt!


#1

:warning: DUE DILIGENCE IS REQUIRED, USE THE SERVICE AT YOUR OWN RISK. THE TOOL IS FOR INFORMATIVE PURPOSES ONLY, I DO NOT ENDORSE IT IN ANY WAY EXCEPT THAT I BELIEVE THAT THE DEVELOPER OF THE SITE IS DOING WITH A SAMARITAN INSTINCT AND NOT WITH THE MOTIVE OF COLLECTING EMAILS/PASSWORDS.

IMAGE: A Screenshot of my email id’s result that I used to create an account on zomato.


Zomato out of all leaked my email address that is linked to my bank accounts as well.

Go figure out why You’re receiving too much spam:

Enter Your email addresses and check if they have been published somewhere on the internet already. There is a password test feature as well which you can use to test if Your password was also leaked (but use it at your own risk and don’t use that password again even if it was not leaked because you never know)


#2

yeah… I checked mine…


#3

Firefox provides similar tool monitor.firefox.com
,Other tool to check password strength by dashlane howsecureismypassword.net


#4

Well, it’s not checking password strength but checking if Your password was posted online for sale after you used it on a service and it got hacked.

Thanks for enlightenment.


#5

Thank you for the information sir.

Probably none of these tools are covering quora 100 million users date breach last month. Quora sent me a mail that your data was leaked but these tools are not showing that.


#6

Quora didn’t (and wouldn’t) make public which users were affected.
How these tools work is that they find dumps of such leaks (free or up for sale) and then create a database of the same.


#7

If we use Googel account to register instead of Email and Password, then what?


#8

Login with Google option simply authenticate third party app for sharing your personal basic info that includes e-mail.


#9

That simply means that You’re letting google write the email and other relevant fields for You in your registration. Doesn’t mean that the 3rd party doesn’t get your email address.


#10

How do you know this website is not an email collector?
And what are the guarantee that your data leaked information is correct?

I can create a dummy website, https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html with this data. :face_with_monocle:


#11

It’s operated by troy hunt.
https://twitter.com/troyhunt
And if you don’t take his word in cyber security then you shouldn’t be using discourse either.

Check the website for sources. Due diligence is required, I don’t use gmail anymore and hence tested if those were leaked and they were. I haven’t shared my personal email to anyone outside of my clients so it has no chance of getting leaked.


#12

They surely might be. But how can you confirm it’s Zomato.

Great.

It’s like VPN services saying we keep no logs


#13

It’s more like facebook and google saying we care for your privacy

News reports plus evidences of it being listed under the leaked database of zomato.


#14

you’re hired!


#15

Oh, it’s showing for this too, xyz @ gmail.com and for all


#16

that may be an email address used by someone.
because mine doesn’t include yatra.com
and my mother’s gmail is not pwned.


#17

It’s not against this thread, but there’s possibility that this tool itself might be capturing emails.
Simple and safe.


#18

They’re interfacing with their api.
maybe logging all the requests too.
and sending the database to 1password for a refferal commission or something
but still. we all know, Nothing on the Internet is free so that’s the price we pay. at least now we know the email is pwned and need a better sanitation habit.


#19

I Just came across this case study!