Quickhit: How to check if your password was exposed in Gawker hack

From Computerworld:

Researcher HD Moore spells out how to see what accounts were among 1.3M accessed by hackers

Gawker apologized for the breach, and urged users to change their passwords. If that password was used for accessing other sites, Gawker recommended that users change it for those destinations as well.

“It’s best to assume that your username and password were included among the leaked data,” Gawker said in an FAQ it posted on the Lifehacker site.

Moore had a better idea, and has assembled a way for people to check whether their account, including their password, has been compromised.

Moore used MD5 hashes of the e-mail addresses in the list he posted as a Google Fusion Table so users could check whether their accounts had been compromised without exposing the addresses a second time.

“This is a little clunky, but [it] works,” he said.

Categories: technology


4 replies

  1. I might do a post later in the week on various tools that you can use to have a different password on all websites you visit, so that at least compromises like this don’t expose that password that you use everywhere.

  2. I would love to read that post, Mary!

  3. I found a better site to check for email or usernames…
    The site lets you input your email address, username or md5hash.
    It does a case insensitive search and they claim to have even fixed typos in the database.
    They also have have some sort of “fuzzy” search function.

%d bloggers like this: