Looking for Data Breaches? You Don’t Have to Look Far.

So, I was having a bit of writer’s block when trying to come up with the next post, but a conversation on MadIRC the other day gave me an idea. Someone mentioned that he was trying to create a site similar to ‘;– Have I Been Pwned, and was wondering where to find lists of database breaches.

If you’re unfamiliar with Have I Been Pwned, the basic idea is that it has logs of large database breaches on such sites as LinkedIn, MySpace (yes, that still exists), and Wife Lovers. You can type in your email address, and it will inform you if your email is listed on any of the data breaches.

haveibeenpwned_sample

I hate to admit it, but I think some of my data has been part of these breaches at one time or another. Luckily, the accounts were on services I no longer use, like the abovementioned MySpace or AOL (yes, I used AOL back in the day).

Other breaches include Adult Friend Finder, Adobe, AhaShare.com, Badoo, Brazzers, AKP Emails, and of course the notorious Ashley Madison. It seems as though some of these data breaches are trying to make a political or moral statement, like…”Don’t cheat on your partner!”

ashley_logo

If you are looking for lists of breaches like this, some can be found on the dark web. The ones I’ve seen have been on sites like Doxbin or other Pastebin-like sites. Oddly enough, you don’t have to go on the dark web for this; some of these data dumps can be found on the clearnet as well.

Just a minute ago, I searched for “pastebin data dump” on DuckDuckGo and found a few interesting results. Here are two examples:

IRCFederal.com Full Release Text

Amanda Todd’s Punisher Dox

I know for certain that there are others, but I was unable to find them at the moment. Doxbin shut down a while back, and I don’t know for certain whether a new similar site exists. At one point, I came across a site called “The Doxxters,” who were supposedly offering to dox people as a service. Last I checked, this site had disappeared as well.

My point is that if you do want to find these data dumps, you’ll have to do some digging of your own, whether on the clearnet or on Tor. It doesn’t seem to be as difficult as you might think, however – it’s kind of similar to finding links…sssssh!

As a matter of fact, you’re in luck – I did a Tor search on Ahmia just a second ago and found a number of results.

ahmia_dox

In short, it looks like the kind of thing that would involve a lot of research and hunting around. Maybe this would be a partnership project? I don’t know if I’ll ever talk to the guy who asked about this again, but hey – if you’re out there, I’d love to help you do the research!

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.