Update script that inserts breaches into Firefox Remote Settings #2117

Closed
groovecoder opened this issue Apr 27, 2021 · 1 comment

@groovecoder
Member

We are updating our Firefox breach alert policy. We need to update the code to match.

@pdehaan
Collaborator

pdehaan commented May 27, 2021

Q: Does this only impact email notifications and website notifications? Or will the verified non-Password breaches be hidden from the web UI as well?

Curiosity got the better of me, and it looks like these are the 91 verified breaches that did NOT include "Passwords" in the .DataClasses[]:

414 of 505 verified breaches included passwords (total=538)
[2021-04-08] PhoneHouse -- 5,223,350; [Dates of birth, Email addresses, Genders, Names, Nationalities, Phone numbers, Physical addresses]
[2021-03-08] WeLeakInfo -- 11,788; [Browser user agent details, Email addresses, Employers, IP addresses, Names, Partial credit card data, Physical addresses, Purchases]
[2021-02-25] SuperVPNGeckoVPN -- 20,339,937; [Device information, Device serial numbers, Email addresses, Geographic locations, IMSI numbers, Login histories]
[2021-02-22] Ticketcounter -- 1,921,722; [Bank account numbers, Dates of birth, Email addresses, Genders, IP addresses, Names, Payment histories, Phone numbers, Physical addresses]
[2021-02-12] NurseryCam -- 10,585; [Email addresses]
[2021-01-20] Oxfam -- 1,834,006; [Bank account numbers, Dates of birth, Email addresses, Genders, Names, Partial credit card data, Payment histories, Phone numbers, Physical addresses]
[2020-12-17] TravelOK -- 637,279; [Age groups, Dates of birth, Email addresses, Genders, Names, Physical addresses]
[2020-10-05] Chowbus -- 444,224; [Email addresses, Names, Phone numbers, Physical addresses]
[2020-08-29] Livpure -- 269,552; [Email addresses, Names, Phone numbers, Physical addresses, Purchases, Salutations]
[2020-08-19] Experian2020 -- 1,284,637; [Email addresses, Employers, Government issued IDs, Names, Occupations, Phone numbers]
[2020-06-25] Ledger -- 1,075,241; [Email addresses, Names, Phone numbers, Physical addresses]
[2020-06-23] Kreditplus -- 768,890; [Dates of birth, Email addresses, Employers, Family structure, Genders, Income levels, Living costs, Marital statuses, Mothers maiden names, Names, Phone numbers, Physical addresses, Places of birth, Religions, Spouses names]
[2020-06-19] Dunzo -- 3,465,259; [Device information, Email addresses, Geographic locations, IP addresses, Names, Phone numbers]
[2020-06-01] Mashable -- 1,414,677; [Auth tokens, Email addresses, Genders, Geographic locations, IP addresses, Names, Partial dates of birth, Social media profiles]
[2020-04-08] Vianet -- 94,353; [Email addresses, Names, Phone numbers, Physical addresses]
[2020-03-27] DecoratingTheHouse -- 1,298,651; [Email addresses, Names, Phone numbers, Usernames]
[2020-03-04] LeadHunter -- 68,693,853; [Email addresses, Genders, IP addresses, Names, Phone numbers, Physical addresses]
[2020-02-20] db8151dd -- 22,802,117; [Email addresses, Job titles, Names, Phone numbers, Physical addresses, Social media profiles]
[2020-02-16] Slickwraps -- 857,611; [Email addresses, Names, Phone numbers, Physical addresses, Purchases]
[2020-02-14] Straffic -- 48,580,249; [Email addresses, Genders, Names, Phone numbers, Physical addresses]
[2020-01-12] Zoosk2020 -- 23,927,853; [Dates of birth, Drinking habits, Education levels, Email addresses, Ethnicities, Family structure, Genders, Geographic locations, Income levels, Names, Nicknames, Physical attributes, Political views, Relationship statuses, Religions, Sexual orientations, Smoking habits]
[2019-12-26] BtoBet -- 444,241; [Dates of birth, Email addresses, Financial transactions, Geographic locations, IP addresses, Names, Usernames]
[2019-10-16] PDL -- 622,161,052; [Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Social media profiles]
[2019-09-27] HalloweenSpot -- 10,653; [Email addresses, IP addresses, Names, Phone numbers, Physical addresses, Purchases]
[2019-09-10] KiwiFarms -- 4,606; [Avatars, Dates of birth, Email addresses, IP addresses, Website activity]
[2019-08-20] MastercardPricelessSpecials -- 89,388; [Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Salutations]
[2019-08-03] Promofarma -- 1,277,761; [Email addresses, Names]
[2019-08-01] Facebook -- 509,458,528; [Dates of birth, Email addresses, Employers, Genders, Geographic locations, Names, Phone numbers, Relationship statuses]
[2019-07-25] MGM -- 3,081,321; [Dates of birth, Email addresses, Names, Phone numbers, Physical addresses]
[2019-07-15] BulgarianNationalRevenueAgency -- 471,167; [Email addresses, Names, Phone numbers, Physical addresses, Taxation records]
[2019-06-10] WienerBuchereien -- 224,119; [Dates of birth, Email addresses, Names, Phone numbers, Physical addresses]
[2019-03-23] EverybodyEdits -- 871,190; [Email addresses, IP addresses, Usernames]
[2019-03-18] MindJolt -- 28,364,826; [Dates of birth, Email addresses, Names]
[2019-02-25] VerificationsIO -- 763,117,241; [Dates of birth, Email addresses, Employers, Genders, Geographic locations, IP addresses, Job titles, Names, Phone numbers, Physical addresses]
[2019-02-15] YouNow -- 18,241,518; [Email addresses, IP addresses, Names, Social media profiles, Usernames]
[2018-11-14] DataAndLeads -- 44,320,330; [Email addresses, Employers, IP addresses, Job titles, Names, Phone numbers, Physical addresses]
[2018-11-05] Adapt -- 9,363,740; [Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses, Social media profiles]
[2018-10-29] ElasticsearchSalesLeads -- 5,788,169; [Email addresses, Employers, Names, Physical addresses]
[2018-10-21] GoldSilver -- 242,715; [Bank account numbers, Email addresses, IP addresses, Names, Partial credit card data, Passport numbers, Phone numbers, Physical addresses, Purchases, Security questions and answers, Social security numbers]
[2018-10-05] YouveBeenScraped -- 66,147,869; [Email addresses, Employers, Geographic locations, Job titles, Names, Social media profiles]
[2018-09-18] SaverSpy -- 2,457,420; [Email addresses, Genders, Names, Physical addresses]
[2018-08-25] AtlasQuantum -- 261,463; [Account balances, Email addresses, Names, Phone numbers]
[2018-08-24] HTHStudios -- 411,755; [Browser user agent details, Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Physical addresses, Purchases, Usernames]
[2018-07-23] Apollo -- 125,929,660; [Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Salutations, Social media profiles]
[2018-06-12] TrikSpamBotnet -- 43,432,346; [Email addresses]
[2018-06-01] Exactis -- 131,577,763; [Credit status information, Dates of birth, Education levels, Email addresses, Ethnicities, Family structure, Financial investments, Genders, Home ownership statuses, Income levels, IP addresses, Marital statuses, Names, Net worths, Occupations, Personal interests, Phone numbers, Physical addresses, Religions, Spoken languages]
[2018-05-31] Ticketfly -- 26,151,608; [Email addresses, Names, Phone numbers, Physical addresses]
[2018-01-01] Elanic -- 2,325,283; [Email addresses, Geographic locations, Usernames]
[2017-12-07] Netshoes -- 499,836; [Dates of birth, Email addresses, Names, Purchases]
[2017-12-05] AIType -- 20,580,060; [Address book contacts, Apps installed on devices, Cellular network names, Dates of birth, Device information, Email addresses, Genders, Geographic locations, IMEI numbers, IMSI numbers, IP addresses, Names, Phone numbers, Profile photos, Social media profiles]
[2017-11-28] OpenCSGO -- 512,311; [Avatars, Email addresses, IP addresses, Phone numbers, Physical addresses, Purchases, Social media profiles, Usernames]
[2017-07-18] B2BUSABusinesses -- 105,059,554; [Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses]
[2017-03-25] HealthNowNetworks -- 321,920; [Dates of birth, Email addresses, Genders, Health insurance information, IP addresses, Names, Personal health data, Phone numbers, Physical addresses, Security questions and answers, Social connections]
[2017-03-22] Factual -- 2,461,696; [Email addresses, Employers, Phone numbers, Physical addresses]
[2017-03-14] MasterDeeds -- 2,257,930; [Dates of birth, Deceased statuses, Email addresses, Employers, Ethnicities, Genders, Government issued IDs, Home ownership statuses, Job titles, Names, Nationalities, Phone numbers, Physical addresses]
[2017-01-09] Sephora -- 780,073; [Dates of birth, Email addresses, Ethnicities, Genders, Names, Physical attributes]
[2017-01-01] RiverCityMedia -- 393,430,309; [Email addresses, IP addresses, Names, Physical addresses]
[2017-01-01] VictoryPhones -- 166,046; [Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Physical addresses]
[2016-11-19] Rankwatch -- 7,445,067; [Email addresses, Employers, Job titles, Names, Phone numbers]
[2016-10-08] ModernBusinessSolutions -- 58,843,488; [Dates of birth, Email addresses, Genders, IP addresses, Job titles, Names, Phone numbers, Physical addresses]
[2016-09-06] RealEstateMogul -- 307,768; [Email addresses, Names, Phone numbers, Physical addresses]
[2016-09-05] Digimon -- 7,687,679; [Email addresses, Email messages, IP addresses, Names]
[2016-09-04] NemoWeb -- 3,472,916; [Email addresses, Names]
[2016-09-01] NetProspex -- 33,698,126; [Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses]
[2016-08-30] MDPI -- 845,012; [Email addresses, Email messages, IP addresses, Names]
[2016-08-15] GeekedIn -- 1,073,164; [Email addresses, Geographic locations, Names, Professional skills, Usernames, Years of professional experience]
[2016-08-07] Wishbone -- 2,247,314; [Auth tokens, Dates of birth, Email addresses, Genders, Names, Phone numbers, Usernames]
[2016-07-19] AKP -- 917,461; [Email addresses, Email messages]
[2016-07-01] FreshMenu -- 110,355; [Device information, Email addresses, Names, Phone numbers, Physical addresses, Purchases]
[2016-06-01] Uiggy -- 2,682,650; [Email addresses, Genders, Names, Social connections, Website activity]
[2016-05-20] BlueSnapRegpack -- 104,977; [Browser user agent details, Credit card CVV, Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases]
[2016-03-27] COMELEC -- 228,605; [Biometric data, Dates of birth, Email addresses, Family members' names, Genders, Job titles, Marital statuses, Names, Passport numbers, Phone numbers, Physical addresses, Physical attributes]
[2016-02-29] KMRU -- 1,476,783; [Dates of birth, Email addresses, Genders, Geographic locations, Recovery email addresses, Security questions and answers, Usernames]
[2016-02-29] Nival -- 1,535,473; [Avatars, Dates of birth, Email addresses, Genders, Names, Spoken languages, Usernames, Website activity]
[2015-10-07] SpecialKSpamList -- 30,741,620; [Dates of birth, Email addresses, Genders, IP addresses, Names, Physical addresses]
[2015-10-01] Patreon -- 2,330,382; [Email addresses, Payment histories, Physical addresses, Private messages, Website activity]
[2015-07-06] HackingTeam -- 32,310; [Email addresses, Email messages]
[2015-05-21] AdultFriendFinder -- 3,867,997; [Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Races, Relationship statuses, Sexual orientations, Spoken languages, Usernames]
[2015-05-14] mSpy -- 699,793; [Device usage tracking data]
[2015-04-27] TRAI -- 107,776; [Email addresses, Email messages]
[2015-04-14] SCDailyPhoneSpamList -- 32,939,105; [Dates of birth, Email addresses, Genders, IP addresses, Names, Physical addresses]
[2015-02-11] Flashback -- 40,256; [Email addresses, Government issued IDs, Physical addresses]
[2014-11-24] Warframe -- 819,478; [Email addresses, Usernames, Website activity]
[2014-02-22] Spirol -- 55,622; [Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses]
[2014-01-01] Snapchat -- 4,609,615; [Geographic locations, Phone numbers, Usernames]
[2013-01-04] HeroesOfGaia -- 179,967; [Browser user agent details, Email addresses, IP addresses, Usernames, Website activity]
[2011-12-26] Tianya -- 29,020,808; [Email addresses, Names, Usernames]
[2011-06-01] Dangdang -- 4,848,734; [Email addresses]
[2010-10-25] PaddyPower -- 590,954; [Account balances, Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Physical addresses, Security questions and answers, Usernames, Website activity]
[2010-05-17] Neteller -- 3,619,948; [Account balances, Dates of birth, Email addresses, Genders, IP addresses, Names, Phone numbers, Physical addresses, Security questions and answers, Website activity]
[2009-01-01] MoneyBookers -- 4,483,605; [Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Physical addresses]

```js
import axios from "axios";

// Fetch every breach from the HIBP API, sorted newest breach date first.
const breaches = await axios.get(
  "https://haveibeenpwned.com/api/v3/breaches"
).then(res => res.data.sort((a, b) => String(b.BreachDate).localeCompare(a.BreachDate)));
// Partition the verified breaches by whether "Passwords" is among the data classes.
const verifiedBreaches = breaches.filter((breach) => breach.IsVerified);
const verifiedPwBreaches = verifiedBreaches.filter((breach) => breach.DataClasses.includes("Passwords"));
const verifiedNoPwBreaches = verifiedBreaches.filter((breach) => !breach.DataClasses.includes("Passwords"));

// Output: "414 of 505 verified breaches included passwords (total=538)"
console.log(`${verifiedPwBreaches.length} of ${verifiedBreaches.length} verified breaches included passwords (total=${breaches.length})`);

// One line per verified breach without passwords: date, name, affected accounts, data classes.
for (const breach of verifiedNoPwBreaches) {
  console.log(`[${breach.BreachDate}] ${breach.Name} -- ${breach.PwnCount.toLocaleString()}; [${breach.DataClasses.join(", ")}]`);
}

// TOTAL BREACHES = 538
// VERIFIED BREACHES = 505 (33 unverified; ~6%)
// VERIFIED PASSWORD = 414 (91 verified no password leak; ~18%)
```

maxxcrawford added a commit that referenced this issue May 27, 2021