I’ve been pwned. You’ve been pwned. We’ve all been pwned. Somewhere, somehow, some digital bit of our persona has appeared in one of countless data breaches that happen across the internet with alarming regularity.
The most recent breach—an exploitation of what may be an old and now closed Facebook vulnerability—means that records from more than 500 million users are free-floating out in the wild.
I tend to be blasé about such hacks. These companies are bad at protecting our data, and to be fair, we’ve also freely shared insane amounts of our personal information on public and only semiprivate platforms. I’m somewhat numb to it at this point.
“You’ve been pwned” is a gamer term for being “owned” or thoroughly beaten. In the case of data, it’s another way of saying you’ve been compromised.
After reading multiple articles about the Facebook breach, though, I started to get a little itch of concern. Facebook hasn’t been particularly transparent about the breach—until today, at least—and something about the scale of this data dump made me more uncomfortable about the breach than normal. Maybe it was the availability of phone numbers that could be used, for instance, in two-factor authentication attacks. Or perhaps it was the triangulation abilities that phone numbers provided to spammers, robocallers, hackers, and other bad actors.
How to know if you need to worry
Against my better judgment and ability to weather bad news—honestly, haven’t we had enough already?—I visited HaveIBeenPwned, an online clearinghouse for unpleasant news about your personal information. “You’ve been pwned” is a gamer term for being “owned” or thoroughly beaten. In the case of data, it’s another way of saying you’ve been compromised.
To use the site, you enter one of your data points—email, phone number, home address, etc.—and the site instantly tells you if you’ve been pwned and how that bit of data was scooped up in one of many…