Are you pwned?

PeterWallace

PWN (verb)

1. An act of dominating an opponent.

2. Great, ingenious; applied to methods and objects.

Originally dates back to the days of WarCraft, when a map designer misspelled “Own” as “Pwn”. What was originally supposed to be “player has been owned.” was “player has been pwned”.

Pwn eventually grew from there and is now used throughout the online world, especially in online games.

  1. “I pwn these guys on battlenet”
  2.  “This strategy pwns!” or “This game pwn.”

 

About 50,000 breached records appear online every week.  Do any of them include your usernames and passwords?  A free website – http://www.pwnedlist.com – has been created that lets you easily check if your information has been compromised.  I sure would not want to be the one that sees the following message after inputting their information:

PWNED LIST

 As of November 4, 2011 almost 5 Million e-mail and user names were recorded in the system. PwnedList introduces itself as

“…a tool that allows an average person to check if their accounts have been compromised. No passwords are stored in our database. You can read more about where our data comes from here. Just enter an email address or username associated with any of your accounts to see if it’s on our list. Data entered is not stored, re-used, or given to any third parties. Don’t trust us? You can also use a SHA-512 hash of your email/username as input. Just don’t forget to lowercase all characters first.”

Now this will sound like great news to a lot of people. A team of security experts are doing some good work to help the folks on the internet find out whether or not they have been compromised. That’s great but how many of you know how to do a SHA-512 Hash?  Let alone what is? (You can find more information about the SHA-512 algorithm at The SHA-512 algorithm ) SHA512 is a hashing algorithm that cannot be decrypted so the information they have stored may be safe.

My worry about sites like this is what is stopping a hacker from putting up a site like this to collect information?  Sure the site looks good but if you’re worried that your user name or password may have been hacked it’s time to go change them.  Also you’re not using the same user name and password on different sites are you?  Are your passwords dictionary words?  Time to change that around and create secure passwords and different ones for the different sites you are using.

Think about it is it real safe or is it fakes just trying to get your information?

In-the-Field Device Management: Why It Matters for Your Business

By Guest Blogger December 9, 2025
Why Device Management Is Critical

SECURITY NOTICE: Calendar Phishing - A New Way Hackers Try to Trick You

November 25, 2025
What Is Calendar Phishing?

Cybersecurity Hygiene 101: What Every SMB Should Be Doing

November 4, 2025
Why Cybersecurity Hygiene Matters for SMBs

Leading with AI: How SMBs Can Leverage Artificial Intelligence to Strengthen Every Critical IT Role

October 28, 2025
Why Leading with AI Matters for Small and Medium-Sized Businesses

SECURITY NOTICE: Fake CAPTCHA

October 10, 2025
Fake CAPTCHA Sites Hijack Clipboard to Install Malware

SECURITY NOTICE: Business Email Compromise

October 10, 2025
Understanding Business Email Compromise (BEC)

The Cyber Cold War: How Global Tensions Are Reshaping the Digital Battlefield

By Kordel Eberly August 17, 2025
Welcome to the Cyber Cold War
fish hook

Catching the Big Phish

By Eberly Systems September 20, 2024
We're all in the same boat trying to avoid cybercrime! Here's our top ways to identify a potential phishing attempt.

Key Notes from the Security Team: Q3 2024

By Eberly Systems September 10, 2024
Focus on integrating with new team members and new customers

Key Notes from the Security Team: Q2 2024

By Eberly Systems July 9, 2024
Keeping you abreast of security news