Troy Hunt
@troyhunt.com
Creator of Have I Been Pwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: www.troyhunt.com/weekly-updat...
Weekly Update 484
I think the start of this week's video really nailed it for the techies amongst us: shit doesn't work, you change something random and now shit works and yu have no idea why 🤷♂️ Such was my audio…
www.troyhunt.com
December 28, 2025 at 9:35 AM
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: www.troyhunt.com/weekly-updat...
Reposted by Troy Hunt
New breach: WIRED magazine had 2.3M records allegedly breached from parent company Condé Nast and published online this week. Data included email and display name, some records contained additional personal data. 81% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/WIRED
Have I Been Pwned: WIRED Data Breach
In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Condé Nast were published online. The most recent data dated back to the previous September and exposed em...
haveibeenpwned.com
December 28, 2025 at 12:16 AM
New breach: WIRED magazine had 2.3M records allegedly breached from parent company Condé Nast and published online this week. Data included email and display name, some records contained additional personal data. 81% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/WIRED
Big thanks to @malwarebytes.com for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Browser Guard: 100% free ad blocker browser extension
Malwarebytes Browser Guard for Chrome, Firefox, Safari and Edge helps protect your online privacy from ad trackers and more.
www.malwarebytes.com
December 27, 2025 at 2:43 AM
Big thanks to @malwarebytes.com for sponsoring my blog this week! Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing www.malwarebytes.com/browserguard...
Going live with my weekly update in 10 mins! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
Weekly Update 484
Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
www.youtube.com
December 26, 2025 at 10:30 PM
Going live with my weekly update in 10 mins! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti
Reposted by Troy Hunt
New breach: Russian airline Utair had 400k customer email addresses breached in 2019 and discovered the following year. Data also included name, physical address, DoB and passport number. 79% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Utair
Have I Been Pwned: Utair Data Breach
In August 2020, news broke of a data breach of Russian airline Utair that dated back to the previous year. The breach contained over 400k unique email addresses along with extensive personal informati...
haveibeenpwned.com
December 26, 2025 at 9:02 PM
New breach: Russian airline Utair had 400k customer email addresses breached in 2019 and discovered the following year. Data also included name, physical address, DoB and passport number. 79% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Utair
Reposted by Troy Hunt
A good mix of real security fails & a healthy dose of snark. @eff.org: 'The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year.' Congrats (?) @troyhunt.com? www.eff.org/deeplinks/20... #cybersecurity @gate15.bsky.social @campuscodi.risky.biz @ransomwaresommelier.com
The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year
Another year has come and gone, and with it, thousands of data breaches that affect millions of people. The question these days is less, Is my information in a data breach this year? and more How many...
www.eff.org
December 22, 2025 at 12:31 PM
A good mix of real security fails & a healthy dose of snark. @eff.org: 'The Breachies 2025: The Worst, Weirdest, Most Impactful Data Breaches of the Year.' Congrats (?) @troyhunt.com? www.eff.org/deeplinks/20... #cybersecurity @gate15.bsky.social @campuscodi.risky.biz @ransomwaresommelier.com
Reposted by Troy Hunt
New sensitive breach: Russian pharmaceutical company Gemotest had 31M records with 6.3M unique email addresses breached in 2022. Data included name, DoB, physical address, passport and insurance numbers. 70% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Gemot...
Have I Been Pwned: Медицинская лаборатория Гемотест (Gemotest) Data Breach
In April 2022, Russian pharmaceutical company Gemotest suffered a data breach that exposed 31 million patients. The data contained 6.3 million unique email addresses along with names, physical address...
haveibeenpwned.com
December 24, 2025 at 2:46 AM
New sensitive breach: Russian pharmaceutical company Gemotest had 31M records with 6.3M unique email addresses breached in 2022. Data included name, DoB, physical address, passport and insurance numbers. 70% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Gemot...
Weekly update is up! IoT all the things! A full walkthrough of all the connected stuff, warts and all. www.troyhunt.com/weekly-updat...
Weekly Update 483
Building out an IoT environment is a little like the old Maslow's Hierarchy of Needs. All the stuff on the top is only any good if all the stuff on the bottom is good, starting with power. This week,…
www.troyhunt.com
December 21, 2025 at 1:22 AM
Weekly update is up! IoT all the things! A full walkthrough of all the connected stuff, warts and all. www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 10 minutes! IoT all the things! A full walkthrough of all the connected stuff, warts and all. youtube.com/live/M5eRKlO...
Weekly Update 483
IoT all the things! A full walkthrough of all the connected stuff, warts and all.
youtube.com
December 18, 2025 at 10:20 PM
Going live with my weekly vid in 10 minutes! IoT all the things! A full walkthrough of all the connected stuff, warts and all. youtube.com/live/M5eRKlO...
Big thanks to @1password.bsky.social for sponsoring my blog this week! 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
Enterprise Password Manager | 1Password
Secure sensitive data and combat shadow IT using 1Password, an enterprise password manager designed for effective team-wide password management and security.
1password.com
December 18, 2025 at 9:41 PM
Big thanks to @1password.bsky.social for sponsoring my blog this week! 1Password Extended Access Management: Secure every sign-in for every app on every device. 1password.com/troyhunt
Reposted by Troy Hunt
New breach: French vehicle inspection company AUTOSUR had 10M records with 487k unique email addresses breached in March. Data also included name, address, phone and vehicle details. 78% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/AUTOSUR
Have I Been Pwned: AUTOSUR Data Breach
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data inclu...
haveibeenpwned.com
December 18, 2025 at 5:17 AM
New breach: French vehicle inspection company AUTOSUR had 10M records with 487k unique email addresses breached in March. Data also included name, address, phone and vehicle details. 78% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/AUTOSUR
Reposted by Troy Hunt
New breach: Now defunct forum for making money with botting "The Botting Network" was breached in 2012, exposing 96k records. Data included email address, username, DoB and salted MD5 password hashes. 97% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/TheBo...
Have I Been Pwned: The Botting Network Data Breach
In August 2012, the forum for making money with botting "The Botting Network" suffered a data breach that exposed 96k user records. The now defunct vBulletin forum leaked 96k email addresses, username...
haveibeenpwned.com
December 18, 2025 at 1:38 AM
New breach: Now defunct forum for making money with botting "The Botting Network" was breached in 2012, exposing 96k records. Data included email address, username, DoB and salted MD5 password hashes. 97% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/TheBo...
Reposted by Troy Hunt
New breach: In July 2016, the Web Hosting Talk vBulletin forum had 515k records breached. Data included email and IP address, username and salted Md5 password hash. 85% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/WebHo...
Have I Been Pwned: Web Hosting Talk Data Breach
In July 2016, the Web Hosting Talk forum suffered a data breach that was subsequently listed for sale. The breach of the vBulletin based forum exposed 515k user records including usernames, email addr...
haveibeenpwned.com
December 17, 2025 at 10:50 PM
New breach: In July 2016, the Web Hosting Talk vBulletin forum had 515k records breached. Data included email and IP address, username and salted Md5 password hash. 85% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/WebHo...
Weekly update is up! Spicers Pwned (and visited); 630 Million Passwords via the FBI; Qantas Breach Spam www.troyhunt.com/weekly-updat...
Weekly Update 482
Perhaps it's just the time of year where we all start to wind down a bit, or maybe I'm just tired after another massive 12 months, but this week's vid is way late. Ok, going away to the place that…
www.troyhunt.com
December 16, 2025 at 11:35 PM
Weekly update is up! Spicers Pwned (and visited); 630 Million Passwords via the FBI; Qantas Breach Spam www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 13 mins! Spicers Pwned (and visited); 630 Million Passwords via the FBI; Qantas Breach Spam youtube.com/live/LXDI04Q...
Weekly Update 482
Spicers Pwned (and visited); 630 Million Passwords via the FBI; Qantas Breach Spam
youtube.com
December 14, 2025 at 9:32 PM
Going live with my weekly vid in 13 mins! Spicers Pwned (and visited); 630 Million Passwords via the FBI; Qantas Breach Spam youtube.com/live/LXDI04Q...
We're very happy to help the FBI with processing another 630M passwords recently seized from a suspect. This includes 46M we'd never seen before, which are now all in @haveibeenpwned.com's Pwned Passwords, where they're queried 18 *billion* times a month: www.troyhunt.com/processing-6...
Processing 630 Million More Pwned Passwords, Courtesy of the FBI
The sheer scope of cybercrime can be hard to fathom, even when you live and breathe it every day. It's not just the volume of data, but also the extent to which it replicates across criminal actors se...
www.troyhunt.com
December 12, 2025 at 9:36 PM
We're very happy to help the FBI with processing another 630M passwords recently seized from a suspect. This includes 46M we'd never seen before, which are now all in @haveibeenpwned.com's Pwned Passwords, where they're queried 18 *billion* times a month: www.troyhunt.com/processing-6...
Reposted by Troy Hunt
New breach: Russian streaming service KinoKong had over 800k records breached in March 2021. Data included email, name, username, IP address and MD5 password hash. 64% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/KinoK...
Have I Been Pwned: KinoKong Data Breach
In March 2021, the Russian online streaming service KinoKong suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 800k unique email addresses...
haveibeenpwned.com
December 6, 2025 at 8:16 AM
New breach: Russian streaming service KinoKong had over 800k records breached in March 2021. Data included email, name, username, IP address and MD5 password hash. 64% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/KinoK...
Weekly update is up! It's @haveibeenpwned.com's 12th-birthday celebrtation, with special guest Charlotte Hunt 😊 www.troyhunt.com/weekly-updat...
Weekly Update 481
Twelve years (and one day) since launching Have I Been Pwned, it's now a service that Charlotte and I live and breathe every day. From the first thing every morning to the last thing each day, from ho...
www.troyhunt.com
December 5, 2025 at 7:16 AM
Weekly update is up! It's @haveibeenpwned.com's 12th-birthday celebrtation, with special guest Charlotte Hunt 😊 www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 15 mins! It's the Have I Been Pwned 12th Birthday Special with Charlotte! youtube.com/live/fKkcx4d...
Weekly Update 481
It's the Have I Been Pwned 12th Birthday Special with Charlotte! Sponsored by Report URIhttps://www.troyhunt.com/weekly-update-480/
youtube.com
December 4, 2025 at 9:45 PM
Going live with my weekly vid in 15 mins! It's the Have I Been Pwned 12th Birthday Special with Charlotte! youtube.com/live/fKkcx4d...
I've had this dumb report too many times, and Bruce has finally tipped me over the edge. @haveibeenpwned.com is a real service that looks up email addresses in actual data breaches, but some people don't understand what an email address actually is www.troyhunt.com/why-does-hav...
Why Does Have I Been Pwned Contain "Fake" Email Addresses?
Normally, when someone sends feedback like this, I ignore it, but it happens often enough that it deserves an explainer, because the answer is really, really simple. So simple, in fact, that it should...
www.troyhunt.com
December 3, 2025 at 11:38 PM
I've had this dumb report too many times, and Bruce has finally tipped me over the edge. @haveibeenpwned.com is a real service that looks up email addresses in actual data breaches, but some people don't understand what an email address actually is www.troyhunt.com/why-does-hav...
Happy birthday @haveibeenpwned.com! 12 years ago today, I pushed out a blog post launching a little data breach search tool, and life changed forever. Reading the post again now, did I get it right? 😎 www.troyhunt.com/introducing-...
Introducing “Have I been pwned?” – aggregating accounts across website breaches
I often write up analyses of the passwords disclosed in website breaches. For
example, there was A brief Sony password analysis
[https://www.troyhunt.com/2011/06/brief-sony-password-analysis.html] bac...
www.troyhunt.com
December 3, 2025 at 8:02 PM
Happy birthday @haveibeenpwned.com! 12 years ago today, I pushed out a blog post launching a little data breach search tool, and life changed forever. Reading the post again now, did I get it right? 😎 www.troyhunt.com/introducing-...
Reposted by Troy Hunt
New breach: The Nissan 240SX Silvia and Z Fairlady car forum Zilvia[.]net had 288k records breached and leaked in Nov. Data included email and IP address, username and salted MD5 password hash. 81% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Zilvia
Have I Been Pwned: Zilvia.net Data Breach
In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email addresses along with usernames, IP addresses and salte...
haveibeenpwned.com
December 1, 2025 at 7:42 AM
New breach: The Nissan 240SX Silvia and Z Fairlady car forum Zilvia[.]net had 288k records breached and leaked in Nov. Data included email and IP address, username and salted MD5 password hash. 81% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Zilvia
Weekly update is up! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification www.troyhunt.com/weekly-updat...
Weekly Update 480
Well, I now have the answer to how Snapchat does age verification for under-16s: they give an underage kid the ability to change their date of birth, then do a facial scan to verify. The facial scan…
www.troyhunt.com
December 1, 2025 at 7:42 AM
Weekly update is up! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification www.troyhunt.com/weekly-updat...
Going live with my weekly vid in 15 mins! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification youtube.com/live/er_acho...
Weekly Update 480
The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification; Sponsored by Report URI
youtube.com
November 27, 2025 at 9:45 PM
Going live with my weekly vid in 15 mins! The Australian Under 16 Social Media Ban: Parenting Responsibilities, Government Control, Privacy and Identity Verification youtube.com/live/er_acho...