Wow, out of the six data breaches I was maybe involved in, three of them I had no idea about, and a fourth was a company I have never heard of in my life. That's disheartening.
posted by hippybear at 11:33 AM on May 19, 2023 [3 favorites]

hippybear, same. I hadn't heard of two of the six I'd been involved in. I feel a little queasy.
posted by pangolin party at 11:49 AM on May 19, 2023 [2 favorites]

I've been involved in many breaches, but they all seem harmless - my email address(es) are no secret. As for usernames - no secrets there either. They're all for software or websites I no longer use and carry no financial or social importance to me (Houzz, Adobe, etc.). Same for location. What am I (naively) missing?
posted by j810c at 11:50 AM on May 19, 2023 [4 favorites]

Your email has only been found in three breaches. Unfortunately that isn't enough to power this visualisation.

Darn?
posted by Jawn at 12:08 PM on May 19, 2023 [6 favorites]

One interesting thing, after hearing people give reports about what ChatGPT had to say about their life and accomplishments and sometimes death, most of it not true, I asked the bot about my full name, what did it know about me?

It knew nothing about me.

I've worked pretty hard to keep my real name off the online world. That it's in some data breaches isn't a big deal to me, but I'm glad you can't just google me and read my online life.
posted by hippybear at 12:13 PM on May 19, 2023 [2 favorites]

Your email has only been found in two breaches. Unfortunately that isn't enough to power this visualisation.


Not trying hard enough here. Will renew my efforts.
posted by skippyhacker at 12:26 PM on May 19, 2023 [4 favorites]

15 breaches for me! A third of them are companies I had never even heard of.
posted by mbrubeck at 12:30 PM on May 19, 2023 [1 favorite]

So I use two emails most of the time, but lately just the one tied to a personal site. The Gmail one was involved in six breaches (only 1 I didn't know about) so that would explain why I get so much junk mail sent to that address. The other email? Never.
posted by Kitteh at 12:31 PM on May 19, 2023 [1 favorite]

Whew, 27! What do I win? Oh, don't tell me, I know this one already - a free year-long subscription to a credit monitoring service
posted by potrzebie at 12:45 PM on May 19, 2023 [10 favorites]

Weird. Only a couple breaches for any of my current emails but I see "the full picture being exposed" with an ancient email I haven't used in years as it was rendered useless by spam. Says

Your email also shows up in a breach at VerificationsIO, which exposed dates of birth, email addresses, employers, genders, geographic locations, ip addresses, job titles, names, phone numbers, and physical addresses.

However, I never provided that kind of information with this email, or if I did it's either bogus or in the case of geographic location/IP, way out of date, so I'm not afraid.
posted by Rash at 12:53 PM on May 19, 2023 [2 favorites]

Shit, my work email has been in 22 breaches, and I didn't even recognize several of them: I mean, aside from the data brokers, when the hell did bonobos.com get my info??
posted by wenestvedt at 1:05 PM on May 19, 2023 [1 favorite]

See your identity pieced together from stolen data

er...I just saw a list of hacked websites which had contained an email address I've used. Not exactly watching anyone piece together anything about my identity. Is there actually a composite profile of me somewhere based on info from these hacks? Is that profile at all accurate? I have no idea and was disappointed that this didn't really give me any information about that.
posted by straight at 1:15 PM on May 19, 2023 [6 favorites]

There probably is a composite profile of you someplace, but nobody who'd build that would tell you what was in it.

To be clear, a number of the breaches "I" have been in were almost certainly because I have on the order of fifteen people in at least four continents who've accidentally used my first name + last initial Gmail address to sign up for things over the years. I think any profile anyone would try to build of me joining on "my" 27 breaches would be very confusing.
posted by potrzebie at 1:25 PM on May 19, 2023 [4 favorites]

Five breaches for me, but for all the site trumpets the terrifying possibility that these have created an accurate and penetrating profile of me, they show... none of this? And in aggregate, the breaches have revealed my email address, home address, and social media accounts, which anyone can find on Google if they know my first and last name.

So I guess I'm... reassured? This site certainly hasn't provided anything that raises my eyebrow in terms of information that's not deliberately public, and anything these "breaches" reveal isn't anything beyond the modern equivalent of what you'd get out of an old-timey white pages phone book.

If the intent was to make me more concerned about this issue, it's kind of had the inverse effect. I feel better than ever about my data breaches!
posted by Shepherd at 1:36 PM on May 19, 2023 [2 favorites]

Data Breeches -- big boy pants for modern times
posted by hippybear at 1:38 PM on May 19, 2023 [8 favorites]

"The types of information released most often in the breaches you've been caught up in are email addresses (9), names (8), phone numbers (6), physical addresses (5), and passwords (4).

Combine it all together and you're left with a pretty confronting image."

Could be worse ... Also, 3 of the 4 password breaches I have no recollection of.
posted by ZenMasterThis at 1:40 PM on May 19, 2023 [1 favorite]

I am also confused, they list my name, email address, and passwords for various sites (and I am pretty sure many of those password "breaches" were hashed & salted passwords, not plain text). In one breach my phone number. 4 of those things aren't secret.

If you want to know what services I use, you don't need to hack anything, just buy my data from Facebook.
posted by muddgirl at 1:43 PM on May 19, 2023 [2 favorites]

“Unfortunately” there’s not enough info on me out there - feel like they could have come up with a better way to put that!

I’ve received notification of plenty of breaches over the years, though, maybe just not stuff that includes my personal email?
posted by atoxyl at 1:53 PM on May 19, 2023 [1 favorite]

The personal email address I've been using since the 1990s was found in 21 breaches. My current gmail account, which I've had for years, was in zero, but I didn't start using it for online accounts much until the last 2 or 3 years, which I switched away from my 1990s account (which still receives mail, but I rarely use it).
posted by AzraelBrown at 1:55 PM on May 19, 2023 [2 favorites]

Six. Good ol' MyFitnessPal!
posted by Melismata at 2:11 PM on May 19, 2023 [4 favorites]

This is completely off-topic, but I've never heard the word "confronting" used as an adjective before. Is that specific to Australian English?
posted by rhymedirective at 2:22 PM on May 19, 2023 [2 favorites]

I'm at 9. I guess they have my gender and address from evite. But no hacker has sent me any packages, and I've not used an evite in 13 years. Rude.
posted by The_Vegetables at 2:49 PM on May 19, 2023 [2 favorites]

I'm at 30. Top that!
posted by signal at 3:23 PM on May 19, 2023 [3 favorites]

That's a very high signal to noise ratio!
posted by hippybear at 3:36 PM on May 19, 2023 [3 favorites]

> This story contains high-motion animation. Would you like to switch to reduced-motion mode?

bless them for this and i hope this catches on
posted by glonous keming at 3:50 PM on May 19, 2023 [8 favorites]

Oh noes, somebody "knows" the birthday associated with my email address is 1/1/69.
posted by straight at 3:51 PM on May 19, 2023 [3 favorites]

Not 4/20/69? Damn.
posted by hippybear at 3:59 PM on May 19, 2023 [3 favorites]

Hmm, there probably are a bunch of 12/31/69 birthdays in there where nulls got misread as actual dates
posted by KelsonV at 4:16 PM on May 19, 2023 [3 favorites]

My main email, which I only share with friends and family, has no data breaches. Yeah!

My I-don’t-give-a-crap addresses go from 3 (I was surprised at that one, it is a yahoo address I’ve had since the 1990’s) to 6. The worst is my gmail address, which is my first name and last name, and all the other people with the same name as me keep using my gmail address to sign up for random crap. This claims all sorts of private info about me has been breached with my gmail address, and I bet a lot of it is probably either wrong (because I always use a fake birthday and whatnot) or another persons data who used my address by mistake.
posted by fimbulvetr at 4:17 PM on May 19, 2023 [1 favorite]

the word "confronting" used as an adjective before. Is that specific to Australian English?

No idea, but it is normal in Australia, particularly in journalist English.
posted by deadwax at 5:02 PM on May 19, 2023 [3 favorites]

In my case they report that my date of birth and gender was stolen, based on a leak from a site that had that data for some people (very few, I'd guess). I understand they don't want to store that information, but couldn't they have just stored whether the breach contained a value in those fields or not? Otherwise, it seems like they are pretty badly overstating this (sure, there is a disclaimer about this being the worst case scenario, but then they keep stating things definitively).
posted by ssg at 5:11 PM on May 19, 2023 [4 favorites]

According to this article I 've been exposed a number of times, including a breach at Livejournal a few years back. For years I chronicled my drag queen adventures there, and as the site faded from relevance I started using it to keep my private medical journal... so now Russian crooks have access to everything from my musings about getting felt up at clubs to me fretting about my colon cancer. Have fun with all that, comrades!
posted by Ursula Hitler at 5:19 PM on May 19, 2023 [4 favorites]

for fake birthdays I always use Feb 29, 1968

takes 75% off my age.
posted by chavenet at 5:22 PM on May 19, 2023 [3 favorites]

Honestly, this metric seems less about "how vulnerable you are on the internet" and more about "how long you've been Very Online". Like, I do not have enough fake pearls to clutch about someone pwning my MySpace account. And Thingiverse? Really?
posted by phooky at 5:41 PM on May 19, 2023 [1 favorite]

18 distinct pieces of your identity have been potentially exposed, many of them multiple times over.

Interesting to see the sources.

NB: note the "potentially" qualifier. The page emphasizes that this is worst case.
posted by doctornemo at 5:46 PM on May 19, 2023 [1 favorite]

I used the address I know has been leaked due to a Battle.net breach in 2012. They didn't list that one, but it has by far been the most long lasting. I still get pings for people trying to log into it eleven years later.

It is the originator of my multi-account madness where I use only 1 email for gaming, 1 for shopping, 1 for travel and 1 for everything else.
posted by fiercekitten at 5:58 PM on May 19, 2023 [2 favorites]

If somebody stores plaintext passwords in 2023 they deserve to be flailed and skinned, for fucks sake, this is basic basic basic best practice for dealing with passwords and has been for very long.

Apologies for the fruity language.
posted by WaterAndPixels at 7:05 PM on May 19, 2023 [2 favorites]

The email address I have used for everything including all my random account signups for about two decades now: 1 breach.

The types of information released most often in the breaches they've been caught up in are email addresses (7), names (5), geographic locations (4), passwords (3), and usernames (3).

Passwords is the only thing here that is a problem? Like, my name, my location, these are things you can find on the bloody electoral register or that I hand out like candy to effectively anyone who asks (hey random ebay seller or dodgy webshop, here is my home address! And my name! Please send me the stuff I'm buying!)
posted by Dysk at 9:07 PM on May 19, 2023 [2 favorites]

4 for me. Three are just big database breaches. But I hadn't heard about Gravatar. I'm surprised. Doesn't Automattic own that?
posted by kathrynm at 10:26 AM on May 20, 2023 [1 favorite]

Woohoo! I win! ALL-THE-TILES...

Wait... isn't this how this is supposed to be played?

Not too worried - I have been following these for years (go Troy Hunt!) - my passwords are unique to each site, generated and my email and DOB aren't exactly secret.
posted by rozcakj at 7:38 PM on May 20, 2023 [1 favorite]

Damn, Neopets really fucked me lol
posted by GoblinHoney at 8:21 PM on May 20, 2023 [1 favorite]

About half sites of which I've never heard.
posted by jeffburdges at 11:41 PM on May 20, 2023 [1 favorite]

But how much of that discovered information is accurate? People are paying for details but they aren't paying for accurate details. I subscribe to a notification service telling me when my identity shows up in black market lists, and there are over a thousand entries claiming to have my password... all of them incorrect. The spam that I get frequently guesses my name wrong, not just my location, occupation, fluent languages, and even my sex.

If someone got my email address off of a public forum, then used ChatGPT to hallucinate an entire portfolio and sold that on the black market, this article would claim I've been exposed and that just isn't true.
posted by Mozai at 7:06 AM on May 22, 2023 [2 favorites]

Well, my gender was exposed in 2013, but fortunately I've changed it since then.
posted by eruonna at 11:25 AM on May 22, 2023 [5 favorites]

There exist many websites like fakenamegenerator.com which help users make up fake names, addresses, etc.

Yet, there are none which run semi-off-line as browser blug-ins, meaning they work off-line for captive portals but may update their database when on-line. Ideally Tor browser and Brave would provide some button to automatically fill out user details with lies, and then remember their lies so users could repeat them if later required. Someone should write this!
posted by jeffburdges at 1:54 PM on May 31, 2023 [1 favorite]