Nice
Does it include the 46,524 recently dumped by El Reg?
Security researchers have set up a website that allows punters to check whether or not their email addresses have appeared in data dumps slurped from compromised databases. Hacking attacks on sites including Gawker and the network of Sony's gaming division have led on to the publication of hundreds of thousands of users' …
"Theriault concludes that if users even think their login credentials might have been compromised they ought to change their login credentials"
On which, of the many hundreds of forums and businesses I've used that email, should I change the password. Given that, in keeping with best practice, they're all unique.
Without that information it's *useless*. There's a huge difference between some old forum login I've forgotten about getting leaked and a bank account.
"Users enter a username or email address into the site’s search box to find out if their username has appeared in any recent public data dumps. Users are not prompted to enter their password itself."
So this website now has your email address as a result of your search, but not your password.
So what information do spammers use to send you spam?
You are replying to a post that mentions the SHA 512 hash option, which appears in the first paragraph on the web site. Did you not read down that far in either of these, or do you think that the hash is personally-identifying or has some other value to a third party?
This post has been deleted by its author
Who's to tell me that this is legit, in comparison to another website that asks you to enter your email address 'and we will check for you if your address appears on any other list'.
Are you?
Go ahead, downvote as much as you want.
But, this is a bit like that big red button that says 'do not push'... You kinda want to enter your email address, don't you? ;-)
My email address of 12 years is on the list, but I've used that to sign up for just about everything over that time. So the email address could be on there for any number of reasons.
It has a unique 16 character random password that I created about a year ago, so should be safe. If not, tough; I really cannot be bothered to create a new one and update every password manager on all my machines again just to be sure.
Damn I wish I hadn't checked that site now!