Noticed some changes? You can read all about the improvements we've made on the Forum in our latest announcement. We also have a new set of Forum rules so please take the time to give them a read and familiarise yourself.

711 million email addresses/passwords compromised

edited 30 November -1 at 1:00AM in Techie Stuff
8 replies 1.2K views
SpanishBlueSpanishBlue Forumite
391 Posts
Part of the Furniture 100 Posts Photogenic
edited 30 November -1 at 1:00AM in Techie Stuff
711,477,622 email addresses/passwords have been compromised according to "Have I been pwned?"

Should we be worried?


  • edited 30 August 2017 at 6:32AM
    esuhlesuhl Forumite
    9.4K Posts
    Part of the Furniture 1,000 Posts Name Dropper
    edited 30 August 2017 at 6:32AM
    Harrumph. My personal email address is listed.

    At first I was puzzled as I don't use this address as a login, but apparently there are both email/password logins and just email address to send spam to.
  • poppellerantpoppellerant Forumite
    1.7K Posts
    Ninth Anniversary 1,000 Posts Name Dropper Photogenic
    It'd be interesting to see which password they are using - that'd tell me how recent their password is and if I needed to change it. As it happens I don't know, so I'll change my passwords anyway.

  • AndyPixAndyPix Forumite
    4.8K Posts
    1,000 Posts Fifth Anniversary Name Dropper Photogenic
    This is very old news
  • RumRatRumRat Forumite
    4.1K Posts
    Seventh Anniversary 1,000 Posts Name Dropper Photogenic
    Should we be worried?
    No, not really, they are used mainly for spam and have been out there for some time.
    Anyway, lifes far too short.....;)
    Drinking Rum before 10am makes you
    Not an Alcoholic...!
  • S0litaireS0litaire Forumite
    3.5K Posts
    Part of the Furniture 1,000 Posts Combo Breaker
    That's the main problem with sites like "HiBP".
    you can't tell what password is listed in the list.
    So it's hard to tell if it's from an old list (and you've since changed your password!)
    Or it's a new list (Then a new password is required!)


    "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
  • kwikbreakskwikbreaks Forumite
    9.2K Posts
    Although some passwords are in plain text most are going to be hashes which shouldn't be possible to convert back to a password. If the companies were taking any care at all of user data there should be no plain text passwords but it seems that 000webhost for one did store plain text passwords. One of mine is there but is of zero consequence to me.
  • LorianLorian Forumite
    5.2K Posts
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    This list is not quite what it seems.

    Of the 112 entries on it that belong in my email domains 109 are totally random made up addresses that have never existed, and the other 3 were compromised a long time ago in other events.
  • forgotmynameforgotmyname Forumite
    31.5K Posts
    Part of the Furniture 10,000 Posts Name Dropper
    000webhost could be the one i used and that email address comes up on the list. But i never reuse passwords and they are all unique in format.

    I have a very random way of creating passwords, whats currently on my desk or on my screen and then jumble it around with a mix of numbers etc.
    Censorship Reigns Supreme in Troll City...

This discussion has been closed.