Have I Been S0ld? Troy Hunt's security website is up for acquisition

Troy Hunt, inventor and operator of the popular security website Have I Been Pwned (HIBP), is putting the service up for sale.
Hunt, a Microsoft Regional Director and MVP for security, created the site in 2013 after Adobe leaked 153 million usernames and weakly encrypted passwords. Users can enter an email address and discover if it is included in the exposed data. You can also enter a password to see if it features in a data breach.
The site was soon extended with data from other breaches and now contains nearly 8 billion records. HIBP publishes an API which gets over 12 million hits a day, most of them checking whether a password is safe to use. Mozilla's Firefox is one of a number of products that integrates with the API to help users choose strong passwords. Commercial subscribers, governments and law enforcement agencies use the service too.
Hunt said in this weeks' announcement that "to date, every line of code, every configuration and every breached record has been handled by me alone. There is no 'HIBP team', there's one guy keeping the whole thing afloat."
He said that maintaining the site has been stressful and has taken him close to burnout. He believes it is time to put the business up for acquisition, which he is doing with KPMG.
The acquisition project is called Project Svalbard, in tribute to a Norwegian effort to store a vault of seeds to protect against future loss. "It sounds like a befitting name, beginning with the obvious analogy of storing a massive quantity of 'units'," Hunt said.
The question everyone will be asking: will the service get worse? Hunt said he will remain part of HIBP and that consumer searches will still be free. The idea is that a bigger organisation will enable him to build out more capabilities.
He also wants to put more effort into changing the behaviour of both individuals and organisations, in respect of their poor security practices.
Hunt has fallen behind, he said, on responsible disclosure – informing organisations that they have been breached. This he called "massively burdensome".
When will it happen? No hurry said, Hunt. "I'm not under any duress (not beyond the high workload, that is) and I've got time to let the acquisition search play out organically and allow it to find the best possible match for the project."
But he does not want to lead a new nonprofit even with sponsorship from other companies, believing that this would increase rather than reduce the stress he is under.
The site performs an excellent, though dispiriting, service. Those of us who have had active email accounts for many years are likely to feature multiple times in the HIBP database. Your correspondent's, for example, is in 20 data breaches including Adobe, Bit.ly, Creative, Disqus, Dropbox, Kickstarter, Last.FM, MySpace and vBulletin, as reported by HIBP.
Sane security today means unique passwords for every site and a password manager, along with other strategies like multi-factor authentication, but take-up is weak as data from services like Microsoft's Office 365 demonstrates.
source theregister
Industry: Cyber Security

Latest Jobs
-
- Cloud Architect- German Speaker
- Hungary
- Upto €48000 per year + bonus + benefits
-
As a Senior Pre-Sales Solutions Architect, you will play a pivotal role in driving our sales success by translating complex technical solutions into compelling proposals that resonate with our clients. You will collaborate closely with our sales teams to understand customer needs, design tailored solutions, and negotiate successful deals. Responsibilities: Solution Design: Develop comprehensive technical solutions that align with customer business objectives and industry best practices. Proposal Development: Create compelling proposals, including requirements gathering questionnaires, presentation materials, and Statements of Work (SOWs). Customer Engagement: Build strong relationships with clients, understanding their technical, business, and commercial requirements. Collaboration: Work closely with sales teams, delivery teams, and third-party partners to ensure successful project execution. Pricing Strategy: Define and deliver pricing strategies that align with customer needs and company objectives. Requirements: Experience in technical pre-sales or sales support roles. Proven track record in designing and delivering successful customer solutions. Strong technical foundation in areas such as VMware, Azure, AWS, cloud computing, and data center technologies. Excellent understanding of sales principles, account management, and negotiation techniques. Ability to explain complex technical concepts clearly and concisely. Experience working in international teams and supporting clients across multiple regions. Fluency in German and English is essential. Benefits: Competitive salary and benefits package Opportunity to work on challenging and rewarding projects Collaborative and supportive work environment Potential for career growth and advancement Please note that this role is focused on supporting German clients, but will also involve global client support as needed.
-
- Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8431 Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Medical / Biotech / Biopharma? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8430 Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Pharmaceutical / Healthcare? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- Privileged Access Management (PAM) Specialist
- Germany
- upto €700 per day
-
We are looking for a Privileged Access Management (PAM) specialist to help us redesign our customer's administration environment and implement a PAM tool. The project is divided into two phases: a rough concept phase and a detailed concept phase. We need someone with deep knowledge of ITIL V4, product provisioning, automation, and standardization, as well as good knowledge of the cloud environment, Enterprise Vault, requirements documentation, and analysis. We also need someone with strong communication and team skills Ideally you will have experience with CyberArk, we do require someone who is fluent in German for this contract