April 23, 2021

Is it worth the effort to monitor haveibeenpwned for our customers’ data?

I work in a company that has a few million email addresses in its database. I’ve started using haveibeenpwned to monitor our internal distribution lists (e.g. *[email protected]*). If one of those has been breached, there’s a decent chance the hackers got it from us.

Now that I’m learning the haveibeenpwned API, I’m wondering if there would be value in setting up our server to continually check a sample of our customer email addresses. If we see a bunch of our customers showing up on a small paste, it could be a sign that we may have been breached.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.