ScatteredSecrets.com - Find Your Hacked Passwords

find out if your passwords are hacked · get notified · today and tomorrow

About

Scattered Secrets disrupts cybercrime. We protect you and your organization from account takeover ('ATO') and fraud. We can also help your organization to comply with password related rules and regulations like NIST 800-63B and NIS 2.

Most people use the same password for multiple accounts.
Cyber criminals collect data leaks and crack leaked password information.
Found passwords are used to login on other services and takeover your accounts.
Compromised accounts are used to steal money, information and to start ransomware attacks.

Credential Stuffing

above: cyber criminal at work

We collect data leaks and stealer logs.
We extract and crack passwords.
You can keep your employee and customer accounts safe.

Scattered Secrets is a true password breach notification service. Well-known services like Have I Been Pwnd do not process passwords, resulting in many false alarms. In most cases an alert just means that your email address is in a SPAM list and no passwords were stolen. Most cyber threat intelligence companies do not actively crack passwords: they show raw data only. We are best in class in cracking passwords. This allows us to generate unique quality content and to eliminate false positives.

You can use our unique high quality data for protecting employee and customer accounts. For example, you can recover the plain text passwords using a web interface, or fully integrate password re-use checks using our API.

Scattered Secrets BV was founded in 2017 and is located in Amsterdam, The Netherlands (EU). We have got a Big Four background and many years of experience in information risk management, incident response and penetration testing.

Services

PERSONAL PROTECTION

protect individual email accounts

prices including VAT (if applicable)

FREEno expiry

Community

PERSONAL USE
0 domains
1 email
no alerts

€2per email per year

Basic

PERSONAL USE
0 domains
1 or more emails
email alerts

ENTERPRISE PROTECTION

protect domains & emails (for VIPs)

prices excluding VAT (if applicable)

€2,500per year

Pro Bronze

<1,500 FTE
unlimited domains
50 VIP emails
email alerts

€20,000per year

Pro Silver

1,500-15,000 FTE
unlimited domains
250 VIP emails
email alerts

€50,000per year

Pro Gold

>15,000 FTE
unlimited domains
1,000 VIP emails
email alerts

AUTOMATED ATO PROTECTION

keep customer accounts safe

contact us for pricing

Credential Stuffing

above: preventing account takeover by blocking leaked passwords

Protect your customer or internal accounts with our unique Scattered Secrets BreachCheck API:
Fast and easy-to-implement.
No application code updates required.
No access to plain text passwords required.
Protect any kind of IAM system.
Protect all accounts, also if they're not frequently used.
Privacy friendly and GDPR proof.

So no new dependencies or cumbersome integration projects. You don't share sensitive information with us. And you can protect both standard systems like Active Directory and custom solutions.

Do you want to verify the real-life exposure of your accounts using a proof of concept? You can. Just compile a test dataset and we will provide you with clear and fact based risk metrics for your organization.

BreachCheck can also be used during incident response in case of an ongoing credential stuffing attack. We can outpace the attackers and provide you with a list of vulnerable accounts, so you can contain and eliminate the attack as soon as possible.

Pricing of our BreachCheck API is based on the number of accounts you would like to protect and environment specific characteristics. Are you interested in details? Or would you like to discuss options for custom integrations for your specific use-case? Please feel free to contact us.

PASSWORD AUDIT

identify weak passwords

contact us for pricing

Using smart strategies, hardware that excels in a specific job and billions of passwords of experience, we can help you to uncover leaked and other weak passwords used within your organization.

Password audits can be performed on a regular basis to keep your accounts safe. We support a wide variety of password hashing algoritms. Are you interested in details or would you like to discuss non-standard solutions? Please contact us.

Media

Credential stuffing and password cracking explained. From bit to board.

Interested in a subject? Click the picture for details!

How to crack billions of passwords?

How to crack billions of passwords?

This is how password cracking on a massive scale works.

How do my credentials get stolen?

How do my credentials get stolen?

Hookers.nl breach: cracking 57% of the passwords in three days.

Why crack password with Bitcoin mining hardware?

Why crack password with Bitcoin mining hardware?

Bcrypt password cracking extremely slow? Not if you are using hundreds of FPGAs!

How to protect agains account takeover?

How to protect agains account takeover?

Why account takeover prevention is important to protect against credential stuffing.

Why is data quality so important?

Why is data quality so important?

Account takeover prevention: techniques and data quality.

How to protect customer accounts?

How to protect customer accounts?

Protecting your business against customers account takeover fraud.

Contact

We are friendly people and like to help.
If you prefer secure email, get our PGP key.

Dataleaks

focus on quality data, real threats only
no tricks to show the highest numbers
unique dataleaks: 4,753
unique passwords: 7,800,305,485
find out if a specific site was breached below

Show entries

Search:

Find dataleak
0-o.ca
000webhost.com
01186mb.ca
012.ca
0286780777.com
03designscommunications.ca
0420.ca
063305500.lifeshow.com.tw
0827ug.com
0985983777.com.tw
0charges.com
1-sonbmsm.uz
1.34.179.198
1000LiteraryAgents.com
1001-AutoEntrepreneurs.com
1005.idv.hk
103.247.238.81
10kadum.com
110.157.239.29
1111.com.tw

Showing 1 to 20 of 4,736 entries

Previous1 2…237Next

1. Introduction

1.1. Mission

The mission of Scattered Secrets is to make the internet a safer place. We do this by collecting breached account data and providing this data the accounts’ verified owners. This allows the account owners to increase the security level of their accounts and thereby to prevent future breaches.

1.2. Agreement

You agree that by registering, accessing or using our services, you are entering into a legally binding agreement (even if you are using our Services on behalf of a company). This "Agreement" includes this Terms of service and the Privacy notice. If you do not agree to this Agreement, do NOT register and do not access or otherwise use any of our Services. Registered users of our Services are "Members" and unregistered users are "Visitors". This Agreement applies to both.

2. Obligations

2.1. Service Eligibility

To use the Services, you agree that:

You must be at least 18 years old;
You will only have one account, which must be in your real name;
You are not already restricted by Scattered Secrets from using the Services.

2.2. Your Membership

As between you and others, your account belongs to you. You agree to:

Try to choose a strong and secure password;
Keep your password secure and confidential;
Keep information downloaded from Scattered Secrets confidential;
Not transfer any part of your account and;
Follow the law. You are responsible for anything that happens through your account unless you close it or report misuse.

2.3 Payment

If you purchase any of our paid Services, you agree to pay us the applicable fees and taxes. Failure to pay these fees may result in the termination of your subscription. Also:

Your purchase may be subject to foreign exchange fees or differences in prices based on location (e.g. exchange rates);
You must pay us for applicable fees and taxes;
Taxes are calculated based on the billing information that you provide us at the time of purchase;
We don't guarantee refunds.

2.4. Notices and Service Messages

You agree that we may provide notices to you in the following ways:

A banner notice on the Service;
An email sent to an address you provided. You agree to keep your contact information up to date.

3. Rights and Limits

3.1. Service Availability

We may change, suspend or end any Service, or change and modify prices prospectively in our discretion. To the extent allowed under law, these changes may be effective upon notice provided to you.

3.2. Limits

Scattered Secrets reserves the right to limit your use of the Services, including the number of your connections. Scattered Secrets reserves the right to restrict, suspend, or terminate your account if Scattered Secrets believes that you may be in breach of this Agreement or law or are misusing the Services (e.g. violating any DOs and DON'Ts).

4. Disclaimer and Limit of Liability

4.1. Warranty and liability

WE TRY TO KEEP SCATTERED SECRETS UP, BUG-FREE, AND SAFE, BUT YOU USE IT AT YOUR OWN RISK. WE ARE PROVIDING SCATTERED SECRETS AS IS WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT GUARANTEE THAT SCATTERED SECRETS WILL ALWAYS BE SAFE, SECURE OR ERROR-FREE OR THAT SCATTERED SECRETS WILL ALWAYS FUNCTION WITHOUT DISRUPTIONS, DELAYS OR IMPERFECTIONS. SCATTERED SECRETS IS NOT RESPONSIBLE FOR THE ACTIONS, CONTENT, INFORMATION, OR DATA OF THIRD PARTIES, AND YOU RELEASE US, OUR DIRECTORS, OFFICERS, EMPLOYEES, AND AGENTS FROM ANY CLAIMS AND DAMAGES, KNOWN AND UNKNOWN, ARISING OUT OF OR IN ANY WAY CONNECTED WITH ANY CLAIM YOU HAVE AGAINST ANY SUCH THIRD PARTIES. WE WILL NOT BE LIABLE TO YOU FOR ANY LOST PROFITS OR OTHER CONSEQUENTIAL, SPECIAL, INDIRECT, OR INCIDENTAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS STATEMENT OR SCATTERED SECRETS, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. OUR AGGREGATE LIABILITY ARISING OUT OF THIS STATEMENT OR SCATTERED SECRETS WILL NOT EXCEED THE AMOUNT YOU HAVE PAID US IN THE PAST TWELVE MONTHS. APPLICABLE LAW MAY NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY OR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. IN SUCH CASES, SCATTERED SECRETS'S LIABILITY WILL BE LIMITED TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.

5. Termination

Scattered Secrets or You may terminate this Agreement at any time with notice to the other. On termination, you lose the right to access or use the Services. The following shall survive termination:

Our rights to use and disclose your feedback;
Sections 4, 6 and 7 of this Agreement;
Any amounts owed by either party prior to termination remain owed after termination.

6. Dispute Resolution

All legal relationships between you and Scattered Secrets are governed by Dutch law. All disputes related to legal relationships between you and Scattered Secrets to which this User Agreement apply will fall under the exclusive jurisdiction of the competent court in the district of Amsterdam.

7. General Terms

If a court with authority over this Agreement finds any part of it not enforceable, you and us agree that the court should modify the terms to make that part enforceable while still achieving its intent. If the court cannot do that, you and us agree to ask the court to remove that unenforceable part and still enforce the rest of this Agreement. To the extent allowed by law, the English version of this Agreement is binding and other translations are for convenience only. This Agreement (including additional terms that may be provided by us when you engage with a feature of the Services) is the only agreement between us regarding the Services and supersedes all prior agreements for the Services.

If we don't act to enforce a breach of this Agreement, that does not mean that Scattered Secrets has waived its right to enforce this Agreement. You may not assign or transfer this Agreement (or your membership or use of Services) to anyone without our consent. However, you agree that Scattered Secrets may assign this Agreement to its affiliates or a party that buys it without your consent. There are no third-party beneficiaries to this Agreement.

We reserve the right to change the terms of this Agreement and will provide you notice if we do and we agree that changes cannot be retroactive. If you don't agree to these changes, you must stop using the Services. You agree that the only way to provide us legal notice is via email address legal [at] scatteredsecrets.com.

8. Scattered Secrets "DOs" and "DON’Ts"

8.1. DOs. You agree that you will:

Comply with all applicable laws, including, without limitation, privacy laws, intellectual property laws, anti-spam laws, export control laws, tax laws, and regulatory requirements;
Provide accurate information to us and keep it updated;
Use your real name on your profile;
Use the Services in a professional manner.

8.2. DON'Ts. You agree that you will not:

Act in an unlawful manner;
Act dishonestly or unprofessionally, including by posting inappropriate, inaccurate, or objectionable content;
Add content that is not intended for, or inaccurate for, a designated field;
Create a false identity on Scattered Secrets;
Use or attempt to use another's account;
Violate the intellectual property or other rights of Scattered Secrets, including, without limitation, using the word "Scattered Secrets" or our logos in any business name, email, or URL;
Reverse engineer, decompile, disassemble, decipher or otherwise attempt to derive the source code for the Services or any related technology, or any part thereof;
Rent, lease, loan, trade, sell / re-sell access to the Services or related any information or data;
Collect, use, copy, or transfer any information obtained from Scattered Secrets without the consent of Scattered Secrets;
Share or disclose information of others without their express consent;
Monitor the Services' availability, performance or functionality for any competitive purpose;
Engage in "framing," "mirroring," or otherwise simulating the appearance or function of the Services;
Access the Services except through the interfaces expressly provided by Scattered Secrets;
Override any security feature of the Services;
Interfere with the operation of, or place an unreasonable load on, the Services (e.g., spam, denial of service attack, viruses).

8. Last update

This Terms of service agreement was last updated on 31 August 2018.

Scattered Secrets is a service that allows individuals and organizations to detect if their accounts and the corresponding passwords have been breached ('breached accounts'), so that they can prevent possible future data leaks and hacks. It is operated by Scattered Secrets BV, a limited liability company incorporated in The Netherlands, registered under chamber of commerce ID 68867530 and located in Amsterdam. You can reach us by email on legal [at] scatteredsecrets.com.

This privacy notice serves to inform you about how we handle personal data when you access our websites and services. If we update it, we will revise the date, place a notice on our website if the changes are material, and / or obtain your consent if required by law.

The personal data contained in the breached accounts (email address, password hash, plaintext password) made available through Scattered Secrets is governed by a different privacy notice: Privacy notice for Subjects of Breached Data.

If you are less than 18 years old, you cannot use Scattered Secrets without the permission of your parents or legal guardian.

If you want to make use of Scattered Secrets, you need to make an account. For that purpose, we will collect the following personal data: your email address, IP address, and your country (which is automatically determined based on your IP address). If you have a paid account which allows you to monitor multiple email addresses, we will collect those additional email addresses from you as well, so that we can monitor them. You can optionally provide us with your full name and phone number. The purpose of collecting this additional data is to verify your account if needed. The legal basis for this processing is that we need this data in order to provide our services to you, which is a contract between you and Scattered Secrets bound by our Terms of service. Without this data, we cannot provide the services to you.

Extra data that can be processed: information relating to the validation of entitlement (business accounts).

Scattered Secrets will, based on your account type, provide access to the email addresses and passwords of just your own breached accounts, or those belonging to the organization for which you have validated that you are entitled to see them.

The personal data related to your account as described above will be retained for as long as you have an account in our system. You can delete your account at any time. Even if you delete your account, we will retain the financial details, such as transactions and invoices for seven years, because we are required to by law. Your personal data can be disclosed to members of our staff so that they can maintain Scattered Secrets and provide support.

While you use our services, we will be collecting and processing usage data linked to your account:

Web log data, e.g. web pages viewed, access times, IP address, location based on IP address;
Searches you have performed;
Data about your device(s), e.g. screen size, plugins.

The legal basis for processing this usage data is a legitimate interest pursued by Scattered Secrets, namely to analyze and continually improve our websites and services, and to protect the integrity and security of the websites and services against fraud and abuse. The personal data related to your usage of our services will be retained for three years.

Your personal data can be disclosed to members of our staff so that they can maintain Scattered Secrets and provide support. We will not share your personal data with any third parties unless that is necessary in order to provide the service to you (currently: processing your payment), or when we have a legal obligation to do so. All third parties will process your personal data in conformance with this statement.

You have the right to obtain from us: information about how we process your personal data, as well as a copy of the personal data which we have stored about you. You also have the right to correct, update, shield or delete your personal data in our records, as well as data portability of your personal data to a third party, and to report any misuse of your personal data.

If you have any questions, comments or concerns about how we handle personal data or if you wish to make use of your rights described above, please contact us at legal [at] scatteredsecrets.com. If you have a complaint about this privacy notice or about how we handle your personal data, you can also file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Scattered Secrets uses cookies which do not contain personal data, for technical and security reasons. These cookies are necessary for the website to function.

This Privacy notice was last updated on 31 August 2018.