We all know that our identities are at risk of being stolen, we’ve all grown tired of hoping a company will fess up when they’ve been breached, and we’ve all heard the horror stories of credit being unknowingly destroyed by strangers.
And so far, the only real solution is to remain vigilant and changing all of your passwords when you hear that a major company (be it a file storage company or a major retailer) has had a breach.
Today, there’s another solution. Enter HackNotice, a service that allows you to be proactive with your identity by finding out what hackers know about you and what they’ve recently stolen that is yours.
The co-founder of PwnedList is the brains behind HackNotice and sought to create a meaningful tool for consumers, noting that businesses have ample tools available, but individuals are nowhere near as empowered.
“Learn what hackers know about your digital identity and where you’ve been showing up in what dumps, leaks, and credentials,” Thomas explained.
So we’re not hackers here at The American Genius, and it’s all scary, but what we learned from HackNotice Founder, Steve Thomas, is that the real need is to address the blind spot in the security industry and to acknowledge that there are hacks every day that never make headlines.
Thomas combs the internet (including the Dark Web) as part of the hacker community, finds credentials and data dumps, indexing that and making the data totally public. That is far more impressive than getting an email from a retailer a year after a hack that says “oops, sorry.”
The problem as it exists today is that if your credit card is stolen, for example, you won’t find out until charges start popping up on your account. That information is typically sold once by a hacker, in bulk at $1-5 per credit card number, used to commit fraud by money mules who will steal what they can before the account is blocked.
Thomas advises that any time you find out you’ve used your credit card at a retailer, or sign in credentials on a website that has been hacked, don’t wait until you feel the ramifications, treat those accounts as if they are stolen (get a new credit card number and/or change your password). That’s the power of HackNotice – you don’t have to pray that you eventually learn about a particular vulnerability to address, you can learn through the site’s public index of secret hacks.
HackNotice brings threat intelligence to everyone, even us mere lay people mortals.
But we noticed by using the service that you can’t just insert your Social Security Number in and generate a list of vulnerabilities. Thomas said, “you should never put that number into anyone’s system,” even if you trust them.
Thomas himself, a longtime hacker community member, had his own info stolen last year. He says several of his passwords were freely shared, his SSN was publicly available, and charges were hitting his banks by the thousands. He can’t get a new social security number, and the data on him was repetitively stolen and shared, even his wife’s credit card pin number.
“Even I couldn’t keep track of all of the breaches last year,” he said, and he’s constantly combing for them. Which is the inspiration for HackNotice, to accumulate that data and make it publicly available, from the darkest corners of the internet.
Even the cyber security sector, which is typically a cynical bunch, is reacting positively to the HackNotice launch and Thomas’ efforts to fight back.
There’s a major knowledge gap, and Thomas is “taking a stab at solving that.” He notes that the current problem is that this is a “highly technical, nuanced security area,” and their mission is to “explain good security, and offer advice anyone can follow.”
Get ahead of the hackers by heading over to HackNotice to learn what they know about you, and be prepared to change your passwords and possibly request new credit card numbers.