Cyber security is a big deal. Just ask the likes of Sony or Microsoft, whose online gaming services recently suffered massive hacks. If such big organizations are prone to hacks, it doesn't really require a thought on how safe accounts of normal users are.
Not long ago, noted security researcher and consultant Mark Burnett made headlines when he posted 10 million stolen usernames and passwords on his blog. Of course, he didn't post the passwords with malicious intent, but to "release a clean set of data."
This "clean set of data" gave the world insights into user behaviour, besides drawing attention to the arrest and prosecution of Barrett Brown. The list was actually made with the intention of creating awareness among users while writing a brand new password for a new account online.
Burnett went on to post the 10 million leaked usernames and passwords in one big torrent file that anyone can download in a matter of minutes. Luckily, one of the people who downloaded that file used it to create a simple website where anyone can check to see if his account has been compromised.
To check if your account has been hacked, simply visit this page on programmer Luke Rehmann's website. Here, you'll be able to search for your usernames and passwords in the leaked file.
However, if you are wondering whether Rehmann is just using this page to collect the usernames and passwords, and other inputs, BGR states that you can make searches with partial entries.
"So, for example, if your password is 'trustno1,' you can simply search 'no1' or 'trus' and see if one of your accounts comes up," the report states.
Interestingly, Burnett notes in his blog post that the usernames and passwords he posted are just a small fraction of data pulled from an earlier list of usernames and passwords holding more than 1 billion stolen credentials. Meaning, running a check on the site linked above doesn't guarantee that your usernames and passwords are safe.
But to check your usernames against more complete databases of stolen credentials, just visit Havibeenpwned.com and Pwnedlist.com.
Stay tuned for more updates!