Science

Think Your Email Has Been Hacked? This Site Helps You Check Anonymously

Nearly half of all Americans have been the victim of a data breach. Watch your back.

by Peter Rugg
Getty

About half of all Americans were victims of a digital hack in 2014. Data breaches at Target and eBay, not to mention this summer’s Ashely Madison hack, have exposed millions. Now a site claims to at least let you know if and when you’ve been hacked.

Newly-launchd Hacked Emails allows you to check on whether your — or anyone else’s — email has been compromised in a security breach. Site founder José M. Chia promises that any checks are completely anonymous, with results checked against leak results posted to the Deep Web. We tested out a few e-mails and show the results below. As always, enter your email address at your own risk!

If an email address is all-clear, it’ll look like this:

If it’s not clear — like for example if you’re Amy Pascal, the former chairperson of the Motion Pictures Group of Sony Pictures Entertainment, whose email was hacked apparently in response to Sony’s release of The Interview in 2014, it’ll look like this:

(You can click on links to find your hacked email address on a list on a Pastebin page.)

Chia explained his motivation’s in a Q&A with Inverse. He notes that English is not his first language.

What was your motivation to design the site?

In first place I love big data and netsec. One night I was talking with my sister about how many data breaches were going on and we realize that there wasn’t any site in Spanish notifying users about leaks. I know there are good English sites covering the leaks, but I wanted to give the project an statistical approach so even the pastes have an individual record about the lines, file size, author of each of them. Two days later, I started coding it.

How can you assure people you are not collecting the emails they enter?

I don’t. I take very seriously the privacy of the visitors and I would love if this project endures per years. Imagine that my site gets hacked… if I kept the visitors’ emails all this information will be leaked too, and that would be embarrassing for me. I tried to build the most secure site I could and I don’t keep any info about the visitor (except the info collected with Google Analytics which can be disabled).

Why did you believe a site like this was important?

The purpose of the project is to be able to check anonymously and free of charge if they were affected by data breaches. Free of charge and 100 percent anonymity is my top priority.

What’s your personal background with hacking?

I didn’t have too much background in the hacking scene, I’m a curious person and I love to learn about security and how to break and protect things but I never moved to real action. I sent patches to a couple of well-known tools like wifite and sn1per in their early releases because I love those tools. I think I’m more related to free software. I’ve helped since I was a teenager to translate and bug-fix big projects like Debian, Firefox or Ubuntu, and a lot of smaller ones that fell into oblivion.

You can also follow the project on Twitter at @hacked_emails for updates on the most current leaks.

Again, according to a 2014 study from the Ponemon Institute the personal information of about 110 million Americans was exposed in breaches over just 12 months. That’s a 47 percent chance at least one of your email addresses was violated. And while Chia notes that some of those compromised accounts might not appear in his search, any tool to help keep yourself secure is a welcome one.