How to Check If Your Email Account Has Been Hacked

The news is full of reports of hackers breaking into online databases and stealing personal information from many thousands of accounts. Many of these compromised accounts have been published on the Internet by hacker groups like LulzSec and Anonymous. One way to check if your email account is among those published is described in the New York Times.  An Australian technology professional, Daniel Grzelak, has created a website where you can check whether your email account is in 13 publicly available stashes containing more than 800,000 stolen records. The site is called Should I Change My Password. It is a straightforward process to go there, enter your email address, and have it checked.   

Unfortunately, the fact that your email account is not on this particular list does not mean that it has never been hacked. There are probably millions of stolen accounts being kept under wraps by hackers. But at least you will know if the recent break-ins by  groups like LulzSec have compromised your account. 

Get your own favorite tip published!  Know a neat tech tip or trick?  Then why not have it published here and receive full credit?  Click here to tell us your tip.


This tips section is maintained by Vic Laurie. Vic runs a Windows blog called The PC Informant and also operates a computer education website.

Click here for more items like this. Better still, get Tech Tips delivered via your RSS feeder or alternatively, have the RSS feed sent as email direct to your in-box.

Share this
3.875
Average: 3.9 (16 votes)
Your rating: None

Comments

by howiem on 13. September 2012 - 12:07  (99204)

Vic,
Here's another site that checks email addresses to see if they have been compromised http://www.pwnedlist.com, which claims to have a database of 23 million sets of email address/passwords which have been compromised. The site offers free email monitoring services for individuals (registration required)
I checked the site at WOT and in the comments there are links to sites that your readers might want to check out- http://www.mywot.com/en/scorecard/www.pwnedlist.com
It might be worth checking out.

by Me Myself and I (not verified) on 22. January 2012 - 3:03  (87567)

There is no guarantee that information you store on an online account for a banking institution, or a credit card you've used for, say, an Amazon.com purchase couldn't be harvested by employees of the institutions either- there have been documented cases of embezzlement by bank employees, and in this case it happened to me several years ago- before the internet- a $300 deposit I made was stolen by two bank employees of a bank in the local area, and since I did not have the atm receipt for the deposit, I couldn't prove that the money had been stolen.

So, you see, the previous statement that nothing is 100 percent safe is true- you take common-sense precautions, and very often we learn from our mistakes when we are taken advantage of by unscrupulous people who have no other aim than to benefit anonymously from the hard work of others regardless of the harm they cause.

by Jorpho (not verified) on 28. June 2011 - 12:49  (74467)

I don't get it.

"The news is full of reports of hackers breaking into online databases and stealing personal information from many thousands of accounts. Many of these compromised accounts have been published on the Internet by hacker groups like LulzSec and Anonymous."

Just what is in these publications? When I first read this, I thought the issue was whether *E-mail account passwords* have been hacked – but the news has not posted reports of Yahoo or GMail or Hotmail getting hacked lately.

But it occurs to me that one's E-mail address might be stored in one of these databases along with one's password information for _other_ services, in which case it would make sense to change those passwords – if one hasn't already, after reading about it in the news.

by FakeUsername (not verified) on 28. June 2011 - 11:27  (74464)

Keep in mind that if the site does recognize your email it doesn't mean it was actually hacked. Mine was there because it was in the gawker db that got hacked last year, I used a unique (generated) password there so I'm not worried.

by JM (not verified) on 26. June 2011 - 19:06  (74371)

.
From the description above:
"The site is called Should I Change My Password. It is a straightforward process to go there, enter your email address, and have it checked."

By doing so, you are taking a big chance on having your email address harvested and sold to the Dark Side.

Bad idea, guys, bad idea.
.

by beNjDeN (not verified) on 29. June 2011 - 1:28  (74490)

Yeah right... what fool decided on this ONLINE app? A desktop solution would be much more secure and, of much more interest.

by v.laurie on 26. June 2011 - 19:41  (74374)

@JM:

Are you accusing Daniel Grzelak of harvesting email addresses? Do you have any evidence for this? Note that the site contains this statement:

"If you have any questions or concerns, please contact me on twitter @dagrz (https://twitter.com/dagrz).
The email you enter will NOT be stored, transmitted, or otherwise used beyond this check."

Have you contacted Daniel Grzelak? If you have any evidence about dangers from this site, please tell us about it.

Undocumented inflammatory statements of this type are not helpful.

by Anonymous1 (not verified) on 27. June 2011 - 11:06  (74392)

Vic,

I frequently read your posts on here and elsewhere and would have few reservations about trusting you.
Having said that I think that JM has a reasonable point.

Along no doubt with a lot of other people I have never previously heard of Daniel Grzelak and while he might well be a perfectly honourable and trustworthy person I have no knowledge of that either way.

I am sure that you would not recommend taking everything you read on line at face value, especially where it concerns privacy/security so I find the last line of your reply to JM somewhat surprising.

by v.laurie on 27. June 2011 - 14:55  (74401)

Safety concerns about unknown sites are certainly warranted. I very much agree that care must be taken when revealing an email address on the Internet. It would certainly be in order to inquire about the reliability of a site that is mentioned here.

JM didn't inquire; without presenting any evidence, he made the categorical statement that using the site was a bad idea. He states, "By doing so, you are taking a big chance on having your email address harvested and sold to the Dark Side." This impugns Mr. Grzelak's integrity and implies that the New York Times is dishonest and/or incompetent for reporting Grzelak's site. Because he is so emphatic, the burden of proof passes to JM. I again ask for any evidence that anyone has to support this assertion.

My last sentence in the previous comment refers to making categorical but unsupported statements, not to the general principle of being skeptical about anything on the Internet. My position about the dangers of the Internet has been clear for many years.

Anyway, thanks for your comment, Anonymous1. I hope that I have cleared up what I meant before.

by syntax_error on 28. June 2011 - 0:17  (74439)

"I hope that I have cleared up what I meant before."

Not really,the question is have you contacted Daniel Grzelak, or have you verified that he has taken reasonable steps to secure his site, which otherwise may be a great way for the "dark side" to obtain new email addresses.

If by chance you have taken something that you have read on the internet from persons unknown at face value, then JM is wise to suggest caution.

If you are going to say a newspaper is dishonest and/or incompetent for reporting a web site without undertaking a thorough investigation, dare I say you are going to cast a wider net than the New York Times :)

by v.laurie on 28. June 2011 - 0:29  (74441)

I suggest you read the New York Times post that is referenced in the tip. You may find some answers there.

Syntax_error, you write, "If by chance you have taken something that you have read on the internet from persons unknown at face value, then JM is wise to suggest caution." That "if" has no bearing here. The source is referenced.

by PChammer (not verified) on 28. June 2011 - 4:59  (74448)

After reading both sides of this, I found that neither had any bearing on my thoughts whatsoever, no push or pull.

I personally wouldn't use a site to find out if my email address was hacked, and not because I feel the site is going to steal or collect anything, it's funny how the same who make undocumented claims against Daniel Grzelak or even not, probably threw their email on this site in order to post. What makes that any safer?

The internet is not safe, period. Either we take a risk accessing the internet and use caution and securities to the best of our ability, or not use the internet. It is truly is that simple.

That said, back to my point, I wouldn't use a site to find out if my email was hacked. Why? Because, common sense or reading should tell us, change your passwords ANYWAY. If there is any doubt, any hint of compromise, then by golly, take a minute, maybe a minute and 30 seconds to change the darn password. This should be done regularly anyway.

So sure, let's pretend one site is harvesting email addresses as we get junk mail through the nose from NEVER going to that site to begin with.

Hey,I just woke up and I smell coffee, do you?

by 7th Hokage on 3. July 2011 - 6:01  (74679)

PChammer, I 99% agree with you. Why it is only 99% is that because people do tend to check whether their real personal or business email address that has been previously hacked and not fake email like the one use to post comments or registered here and there, I believe there's article on Gizmo about this matters also.

So I personally feel this article is not quite safe internet practising to do. Please be cautious because this could lead people to give their real email address to 'unknown party'. I do not want that to happen especially to Gizmo community because they read (suggested) by this article.

100% agree with JM, Anonymous1 & syntax_error.

by Concerned User on 26. June 2011 - 13:27  (74354)

Thank you for this useful article:)

by v.laurie on 26. June 2011 - 14:17  (74360)

You're welcome, Concerned User.

by Anupam on 25. June 2011 - 18:44  (74330)

Thanks for this article :).

by v.laurie on 25. June 2011 - 19:55  (74332)

You're welcome, Anupam.

Gizmo's Freeware is Recruiting!

Gizmos Needs YouShare your knowledge of free software with millions of Gizmo's readers by joining our editing team.  Details here.