One of the most common use cases for HIBP's API is querying by email address, and we support hundreds of millions of searches against this endpoint every month. Loads of organisations use this service to understand the exposure of their customers and provide them with better protection against
Imagine jumping on board a class action after your precious datas have been breached, then sticking through it all the way until a settlement is reached. Then, finally, after a long and arduous battle, cashing in and getting... $1. Well, kinda $1, the ParkMobile class action granted up to $1
Well, one of them is, but what's important is that we now have a platform on which we can start pushing out a lot more. It's not that HIBP is a particularly complex system that needs explaining in any depth, but we still get a lot
So I had this idea around training a text-to-speech engine with my voice, then using that to speak over the Sonos at home to announce AI-driven events, such as people ringing the doorbell. A few hours' worth of video from these weekly updates fed into ElevenLabs and wammo! Here
I only just realised, as I prepared this accompanying blog post, that I didn't talk about one of the points in the overview: food. One of my fondest memories as a child living in Singapore and now as an adult visiting there is the food. It's
Using AI to analyse photos and send alerts if I've forgotten to take the bins out isn't going to revolutionise my life, no more so than using it to describe who's at the mailbox when a letter arrives and at the front door when
It seems like every manufacturer of anything electrical that goes in the house wants to be part of the IoT story these days. Further, they all want their own app, which means you have to go to gazillions of bespoke software products to control your things. And they're
I'm fascinated by the unwillingness of organisations to name the "third party" to which they've attributed a breach. The initial reporting on the Allianz Life incident from last month makes no mention whatsoever of Salesforce, nor does any other statement I can find from
How much tech stuff do I have sitting there in progress, literally just within arm's reach? I kick off this week's video going through it, and it's kinda nuts. Doing runeos and house build doesn't help, but it means there's
Spoiler: I have data from the story in the title of this post, it's mostly what I expected it to be, I've just added it to HIBP where I've called it "Data Troll", and I'm going to give everyone a
We were recently travelling to faraway lands, doing meet and greets with gov partners, when one of them posed an interesting idea:
What if people from our part of the world could see a link through to our local resource on data breaches provided by the gov?Initially, I was
I think the most amusing comment I had during this live stream was one to the effect of expecting me to have all my tech things neat and ordered. As I look around me now, there are Shellys with cables hanging off them all over my desk, the keyboard I&
I'm often asked if cyber criminals are getting better at impersonating legitimate organisations in order to sneak their phishing attacks through. Yes, they absolutely are, but I also argue that the inverse is true too: legitimate organisations frequently communicate in ways that are indistinguishable from a phishing attack!
I've listened to a few industry podcasts discussing the Tea app breach since recording, and the thing that really struck me was the lack of discussion around the privacy implications of the service before the breach. Here was a tool where people were non-consensually uploading photos of others
This will be the title of the blog post: "Court Injunctions are the Thoughts and Prayers of Data Breach Response". It's got a nice ring to it, and it resonates so much with the response to other disasters where the term is offered as a platitude
I often wonder how much people in other professions genuinely love the industry they're in to the point that they'd do it regardless of the money. I'm sure there are examples, but I wonder how many lawyers look forward to doing something in the
If I'm honest, I was never that keen on a merch store for Have I Been Pwned. It doesn't make the code run faster, nor does it load any more data breaches or add any useful features to the service whatsoever. But... people were keen. They
The Stripe situation is frustrating: by mandating an email address on all invoices, we're providing a channel that sends customer queries directly through to us rather than via our support portal, which already has the answers many people are raising tickets for. It's frustrating because it
One of the greatest fears we all have in the wake of a data breach is having our identity stolen. Nefarious parties gather our personal information exposed in the breach, approach financial institutions and then impersonate us to do stuff like this:
So I recently somewhat had my identity stolen,This week's update is the last remote one for a while as we wind up more than a month of travel. I'm pushing this out just before we jump on the Qantas plane home... right after they've advised just how much of my data
