Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How do they get a hold of all these leaks so fast?


Voluntary sharing, since afaik they don't pay the criminals to get the data. Either the criminals share it directly (fat chance, usually), or someone else bought it and shared it either publicly, privately with HIBP, or privately with someone who then reported it to HIBP

How this specific instance unfolded, time will have to tell. The leak may have occurred in 2020 for all we know at this point


There is a strange dynamic between the threat actors who conduct these breaches and researchers.

When not used for extortion and for "status" in the hacking community, they share them with researchers (commonly HIBP) to warn people about a site's security and so that site is forced to fix things.

Definitely a strange dynamic.


A form of ‘counting coup’ I imagine. [https://en.m.wikipedia.org/wiki/Counting_coup]


"Breach date: 28 September 2024" - I'm assuming they've checked with some recent signups to confirm the timeframe.

https://haveibeenpwned.com/PwnedWebsites#InternetArchive




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: