Ryfujk

Copying files interactively: "cp: overwrite"

How do ISS astronauts "get their stripes"?

Auto Insert date into Notepad

Contradiction with Banach Fixed Point Theorem

How to count words in a line

multiple definition of

Translation of "Engineering"

Difference between hypovolemic shock and heart arrest caused by hypovolemia?

What type of postprocessing gives the effect of people standing out

How would we write a misogynistic character without offending people?

What does 'Linear regularities among words' mean?

How can I handle a player who pre-plans arguments about my rulings on RAW?

Six real numbers so that product of any five is the sixth one

Do commercial flights continue with an engine out?

What can I substitute for soda pop in a sweet pork recipe?

Can you 'upgrade' leather armor to studded leather armor without purchasing the new armor directly?

How to speed up a process

Skis versus snow shoes - when to choose which for travelling the backcountry?

How to approximate rolls for potions of healing using only d6's?

Which aircraft had such a luxurious-looking navigator's station?

If a druid in Wild Shape swallows a creature whole, then turns back to her normal form, what happens?

Called into a meeting and told we are being made redundant (laid off) and "not to share outside". Can I tell my partner?

What am I? I am in theaters and computer programs

Whom do I have to contact for a ticket refund in case of denied boarding (in the EU)?

How can I be pwned if I'm not registered on that site?

Is “Have I Been Pwned's” Pwned Passwords List really that useful?Why is breach-detection site “Have I Been Pwned” considered safe?Email pwned versus password not pwned

28

4

I recently was emailed from HaveIBeenPwned.com (which I am signed up on) about the ShareThis website/tool (not signed up on).

I have no memory of signing up for that service.

When I go to recover the account (I might as well close/change password), I get this:

The two facts seem incongruous:

Either I had an account and it was pwned, or I didn't have an account (and thus HIBP is in error)?

How do I find out the true situation, and what is the most secutre course of action?

have-i-been-pwned breach

share|improve this question

edited 49 mins ago

Pureferret

asked 7 hours ago

PureferretPureferret

1,06631313

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Just making sure I understand this correctly. What you are saying is that you are signed up on HaveIBeenPwned.com but not on the ShareThis website?
  
  – kasperd
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @kasperd yes, sorry if that is not clear from my question
  
  – Pureferret
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  On my first reading of the question I thought you meant you were not signed up on HaveIBeenPwned.com in which case the answer to your question would have been that somebody was forging emails from HaveIBeenPwned.com in what might have been a phishing scam. After reading the answer and reading the question again, I realized I probably misunderstood the question the first time around.
  
  – kasperd
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  *pwnd --> pwned
  
  – jpmc26
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The dumps might also contain contact/invite database entries, so if somebody has uploaded an address book or you did „send this to a friend“ it all could be possible reasons. Does it say the dump contains a password?
  
  – eckes
  26 mins ago
  

  
  
  
  

add a comment | 

28

4

I recently was emailed from HaveIBeenPwned.com (which I am signed up on) about the ShareThis website/tool (not signed up on).

I have no memory of signing up for that service.

When I go to recover the account (I might as well close/change password), I get this:

The two facts seem incongruous:

Either I had an account and it was pwned, or I didn't have an account (and thus HIBP is in error)?

How do I find out the true situation, and what is the most secutre course of action?

have-i-been-pwned breach

share|improve this question

edited 49 mins ago

Pureferret

asked 7 hours ago

PureferretPureferret

1,06631313

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Just making sure I understand this correctly. What you are saying is that you are signed up on HaveIBeenPwned.com but not on the ShareThis website?
  
  – kasperd
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @kasperd yes, sorry if that is not clear from my question
  
  – Pureferret
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  On my first reading of the question I thought you meant you were not signed up on HaveIBeenPwned.com in which case the answer to your question would have been that somebody was forging emails from HaveIBeenPwned.com in what might have been a phishing scam. After reading the answer and reading the question again, I realized I probably misunderstood the question the first time around.
  
  – kasperd
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  *pwnd --> pwned
  
  – jpmc26
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The dumps might also contain contact/invite database entries, so if somebody has uploaded an address book or you did „send this to a friend“ it all could be possible reasons. Does it say the dump contains a password?
  
  – eckes
  26 mins ago
  

  
  
  
  

add a comment | 

I recently was emailed from HaveIBeenPwned.com (which I am signed up on) about the ShareThis website/tool (not signed up on).

I have no memory of signing up for that service.

When I go to recover the account (I might as well close/change password), I get this:

The two facts seem incongruous:

Either I had an account and it was pwned, or I didn't have an account (and thus HIBP is in error)?

How do I find out the true situation, and what is the most secutre course of action?

have-i-been-pwned breach

share|improve this question

edited 49 mins ago

Pureferret

asked 7 hours ago

PureferretPureferret

1,06631313

share|improve this question

edited 49 mins ago

Pureferret

asked 7 hours ago

PureferretPureferret

1,06631313

share|improve this question

edited 49 mins ago

Pureferret

asked 7 hours ago

PureferretPureferret

1,06631313

asked 7 hours ago

PureferretPureferret

1,06631313

asked 7 hours ago

PureferretPureferret

1,06631313

2 Answers
2

active

oldest

votes

37

From the FAQ:

Why do I see my email address as breached on a service I never signed up to?

When you search for an email address, you may see that address appear against breaches of sites you don't recall ever signing up to. There are many possible reasons for this including your data having been acquired by another service, the service rebranding itself as something else or someone else signing you up. For a more comprehensive overview, see Why am I in a data breach for a site I never signed up to?

It's likely some services allow signing up without confirming an email address, or that accounts that haven't confirmed email addresses are still stored indefinitely but cannot be logged in to, or any number of similar issues.

share|improve this answer

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

• 
  
  
  

  
  9
  

  
  
  
  
  
  

  
  
  You're last paragraph is helpful, It's possible my email was scooped up but not in a way I can do anything with it. Which is troubling. Thanks.
  
  – Pureferret
  6 hours ago
  

  
  
  
  


• 
  
  
  

  
  4
  

  
  
  
  
  
  

  
  
  One other possibility is that, more simply, the database where your address was found was a mix of multiple data leaks, with the majority of the data belonging to ShareThis.
  
  – DrakaSAN
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @Pureferret The good part is that if you were included because (for instance) someone else mistakenly used your email address, then you don't have to worry about more sensitive information like passwords being leaked as well.
  
  – bta
  1 hour ago
  

  
  
  
  

add a comment | 

11

Adding on to what AndrolGenhald said, they have deactivated all accounts associated with the breach so theres a good chance it won't show up regardless:

ShareThis has already deactivated the ShareThis accounts potentially associated with this incident, so if you created an account prior to January 2017, you may no longer be able to log in.

https://www.sharethis.com/data-privacy-incident/

share|improve this answer

edited 1 hour ago

answered 3 hours ago

hairydresdenhairydresden

3187

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  Well spotted... Seems like an unusual approach?
  
  – Pureferret
  2 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @Pureferret Unfortunately, I wouldn't know. I just got the email for our domain from HaveIBeenPwned today and was doing my reading on it.
  
  – hairydresden
  2 hours ago
  
  
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204701%2fhow-can-i-be-pwned-if-im-not-registered-on-that-site%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

37

From the FAQ:

Why do I see my email address as breached on a service I never signed up to?

When you search for an email address, you may see that address appear against breaches of sites you don't recall ever signing up to. There are many possible reasons for this including your data having been acquired by another service, the service rebranding itself as something else or someone else signing you up. For a more comprehensive overview, see Why am I in a data breach for a site I never signed up to?

It's likely some services allow signing up without confirming an email address, or that accounts that haven't confirmed email addresses are still stored indefinitely but cannot be logged in to, or any number of similar issues.

share|improve this answer

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

• 
  
  
  

  
  9
  

  
  
  
  
  
  

  
  
  You're last paragraph is helpful, It's possible my email was scooped up but not in a way I can do anything with it. Which is troubling. Thanks.
  
  – Pureferret
  6 hours ago
  

  
  
  
  


• 
  
  
  

  
  4
  

  
  
  
  
  
  

  
  
  One other possibility is that, more simply, the database where your address was found was a mix of multiple data leaks, with the majority of the data belonging to ShareThis.
  
  – DrakaSAN
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @Pureferret The good part is that if you were included because (for instance) someone else mistakenly used your email address, then you don't have to worry about more sensitive information like passwords being leaked as well.
  
  – bta
  1 hour ago
  

  
  
  
  

add a comment | 

37

From the FAQ:

Why do I see my email address as breached on a service I never signed up to?

When you search for an email address, you may see that address appear against breaches of sites you don't recall ever signing up to. There are many possible reasons for this including your data having been acquired by another service, the service rebranding itself as something else or someone else signing you up. For a more comprehensive overview, see Why am I in a data breach for a site I never signed up to?

It's likely some services allow signing up without confirming an email address, or that accounts that haven't confirmed email addresses are still stored indefinitely but cannot be logged in to, or any number of similar issues.

share|improve this answer

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

• 
  
  
  

  
  9
  

  
  
  
  
  
  

  
  
  You're last paragraph is helpful, It's possible my email was scooped up but not in a way I can do anything with it. Which is troubling. Thanks.
  
  – Pureferret
  6 hours ago
  

  
  
  
  


• 
  
  
  

  
  4
  

  
  
  
  
  
  

  
  
  One other possibility is that, more simply, the database where your address was found was a mix of multiple data leaks, with the majority of the data belonging to ShareThis.
  
  – DrakaSAN
  3 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @Pureferret The good part is that if you were included because (for instance) someone else mistakenly used your email address, then you don't have to worry about more sensitive information like passwords being leaked as well.
  
  – bta
  1 hour ago
  

  
  
  
  

add a comment | 

From the FAQ:

Why do I see my email address as breached on a service I never signed up to?

When you search for an email address, you may see that address appear against breaches of sites you don't recall ever signing up to. There are many possible reasons for this including your data having been acquired by another service, the service rebranding itself as something else or someone else signing you up. For a more comprehensive overview, see Why am I in a data breach for a site I never signed up to?

It's likely some services allow signing up without confirming an email address, or that accounts that haven't confirmed email addresses are still stored indefinitely but cannot be logged in to, or any number of similar issues.

share|improve this answer

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

share|improve this answer

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

answered 6 hours ago

AndrolGenhaldAndrolGenhald

11k42637

11

Adding on to what AndrolGenhald said, they have deactivated all accounts associated with the breach so theres a good chance it won't show up regardless:

ShareThis has already deactivated the ShareThis accounts potentially associated with this incident, so if you created an account prior to January 2017, you may no longer be able to log in.

https://www.sharethis.com/data-privacy-incident/

share|improve this answer

edited 1 hour ago

answered 3 hours ago

hairydresdenhairydresden

3187

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  Well spotted... Seems like an unusual approach?
  
  – Pureferret
  2 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @Pureferret Unfortunately, I wouldn't know. I just got the email for our domain from HaveIBeenPwned today and was doing my reading on it.
  
  – hairydresden
  2 hours ago
  
  
  

  
  
  
  

add a comment | 

11

Adding on to what AndrolGenhald said, they have deactivated all accounts associated with the breach so theres a good chance it won't show up regardless:

ShareThis has already deactivated the ShareThis accounts potentially associated with this incident, so if you created an account prior to January 2017, you may no longer be able to log in.

https://www.sharethis.com/data-privacy-incident/

share|improve this answer

edited 1 hour ago

answered 3 hours ago

hairydresdenhairydresden

3187

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  Well spotted... Seems like an unusual approach?
  
  – Pureferret
  2 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @Pureferret Unfortunately, I wouldn't know. I just got the email for our domain from HaveIBeenPwned today and was doing my reading on it.
  
  – hairydresden
  2 hours ago
  
  
  

  
  
  
  

add a comment | 

Adding on to what AndrolGenhald said, they have deactivated all accounts associated with the breach so theres a good chance it won't show up regardless:

ShareThis has already deactivated the ShareThis accounts potentially associated with this incident, so if you created an account prior to January 2017, you may no longer be able to log in.

https://www.sharethis.com/data-privacy-incident/

share|improve this answer

edited 1 hour ago

answered 3 hours ago

hairydresdenhairydresden

3187

share|improve this answer

edited 1 hour ago

answered 3 hours ago

hairydresdenhairydresden

3187

answered 3 hours ago

hairydresdenhairydresden

3187

answered 3 hours ago

hairydresdenhairydresden

3187