The internet in the past few months has been full to bursting with news about hackers attacking companies, governments and individuals alike. Since the massive data breach at Sony’s PlayStation Network, hackers have launched major attacks against other gaming companies like Sega and important government databases like the British census. With so many opportunities to have private data scattered across the internet, The New York Times offers a tool that can help identify the victims of these data breaches.
Put together by Daniel Grzelak, an Australian technology professional and former security consultant, the new site “Should I Change My Password?” takes an input email address and scans 13 publicly available stashes of private information. If the search comes up negative, the site offers a green light, but adds a warning against re-using passwords across sites and suggests regularly changing important passwords. In the event the search comes up positive, the site lists the minimum number of compromises and the date of the most recent, along with similar advice on password security.
Grzelak explains he created the site as a means of reassuring or helping family and friends who were concerned about the security of their email, but the project has begun to expand to help check corporate accounts. He notes that even if the people who initially hack an account mean no real harm, plenty of people with access to these databases might, and those 13 alone include 800,000 accounts.
Comparatively, the original PlayStation Network attack involved the personal information of 77 million people, including email addresses and passwords for that system. The people responsible for those attacks have not revealed themselves, but Forbes notes that Lulzsec, the latest darling of the hacker scene, has similarly gotten access to numerous personal accounts. That group insists its attacks are mostly a matter of entertainment, but they have made a habit of posting potentially critical or even embarrassing personal information in public.
The Wall Street Journal notes that the biggest problem with the recent emphasis on cracking major databases is mostly that people do tend to rely on the same passwords as Grzelak warned against. A study from security-software company PC Tools found that 47 percent of men and 26 percent of women use only a single password, while some of the most popular passwords remain “password,” “123456” and “qwerty.”