Creator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Joined April 2008
- Tweets 121,402
- Following 1,317
- Followers 248,835
- Likes 1,763
10,705 Photos and videos
Troy Hunt retweeted
New breach: Berkadia was targeted by a ShinyHunters "pay or leak" extortion campaign in March. They subsequently published over 300k unique email addresses allegedly taken from the company's Salesforce instance. 76% were already in @haveibeenpwned. More: haveibeenpwned.com/Breach/Be…
4
4
1,211
Troy Hunt retweeted
New breach: Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign in March. Data included 137k unique email addresses along with name, phone number, physical address and support tickets. 76% were already in @haveibeenpwned. More: haveibeenpwned.com/Breach/In…
1
7
13
2,990
Going live with my weekly vid in 10 mins! Back on the IoT Bandwagon: Doorlocks With Unifi Access, Finally Making the AI LPR Work, I Still Hate All Light Switches youtube.com/live/hTrB6WU5FpE…
Weekly Update 508
Back on the IoT Bandwagon: Doorlocks With Unifi Access, Finally Mak...
youtube.com 2
5,301
Troy Hunt retweeted
Jun 10
New breach: The University of Nottingham was targeted in a ShinyHunters extortion campaign exposing 455k email addresses this week. Data included name, address, phone, ethnicity, disability & academic enrolment info. 47% were already in @haveibeenpwned haveibeenpwned.com/Breach/Un…
4
15
41
10,207
Weekly update is up! Have I Been Pwned Passes 1,000 Data Breaches: Join Me for a Commemorative Beer 🍺 troyhunt.com/weekly-update-5…
5
1
18
3,651
Have I got any friends at @OpenAI that can help get our app submission for @haveibeenpwned through? After many hours of preparation, we're stuck on an endless loop of "This is a required field" without specifying the field, and they're all complete anyway 🤷♂️
8
7
68
19,426
Most vulnerability management programs are built around periodic scans. But a threat landscape that moves in hours doesn't wait for your next scan cycle. ⏳
@troyhunt joined us to talk about what real-time, remediation-connected vulnerability management looks like. This is such a long overdue conversation for anyone still running scan-and-pray workflows.
Watch on-demand: see.ninjaone.com/upRfI
1
4
3,690
Troy Hunt retweeted
New breach: Baker Distributing had 103k unique email addresses allegedly exposed after appearing on the ShinyHunters "pay or leak" site. The data was mostly corporate contact info including names, addresses and phones. 50% were already in @haveibeenpwned: haveibeenpwned.com/Breach/Ba…
3
7
24
10,440
Going live with my weekly vid in 10 mins! Have I Been Pwned Passes 1,000 Data Breaches: Join Me for a Commemorative Beer 🍺 youtube.com/live/URB6xsrJcmI…
Weekly Update 507
Have I Been Pwned Passes 1,000 Data Breaches: Join Me for a Commemo...
youtube.com 1
1
7
8,940
I’ve had so many discussions with breached organisations considering if they should disclose. This is the scenario I always paint: one day, the truth may come out, and you’ll forever be waiting for that day when you’re going to have a *really* serious problem.
Jun 5
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches techcrunch.com/2026/06/05/fo…
1
14
95
15,154
Troy Hunt retweeted
New breach: BCD Travel was targeted in a ShinyHunters extortion campaign that published 396k email addresses this week. Other data included name, address, phone, job title and support tickets. 28% were already in @haveibeenpwned. Read more: haveibeenpwned.com/Breach/BC…
6
10
26
9,520
This has gotta be the laziest @Mailchimp phish ever: “uh, can you just export your entire mailing list and send it to us?” 🤣
10
5
149
19,998
Troy Hunt retweeted
New breach: DentaQuest was targeted by a ShinyHunters extortion campaign that saw 2.6M unique email addresses published last weekend. Data also included name, phone, address and for some records, Medicaid ID. 66% were already in @haveibeenpwned. More: haveibeenpwned.com/Breach/De…
1
7
27
8,011
The free gov program at @haveibeenpwned keeps expanding! Today, we welcome our 46th government: the Philippines 🇵🇭
Their National CERT is now using HIBP to help protect government departments, public resources and the people behind them. troyhunt.com/welcoming-the-p…
9
84
7,719
Weekly update is up! Breach Week: 7-Eleven; Ameriprise; Mytheresa; Kemper; Charter; The Data Breach Disclosure Lag; Welcoming the Bhutanese Government troyhunt.com/weekly-update-5…
6
4,001
That's a massive milestone - 1,000 breaches processed in @haveibeenpwned - and it got me wondering why the service is still needed? But you don't have to look far to see why: troyhunt.com/1000-data-breac…
10
21
90
10,908
1,000 data breaches later 😮
New breach: Edmunds was listed by ShinyHunters as allegedly breached in Jan, with the data later published online. It contained 178k unique email addresses, usernames, IP addresses, phone numbers and passwords. 91% were already in @haveibeenpwned. More: haveibeenpwned.com/Breach/Ed…
2
3
27
9,031
Troy Hunt retweeted
New breach: Edmunds was listed by ShinyHunters as allegedly breached in Jan, with the data later published online. It contained 178k unique email addresses, usernames, IP addresses, phone numbers and passwords. 91% were already in @haveibeenpwned. More: haveibeenpwned.com/Breach/Ed…
1
10
32
17,071
Troy Hunt retweeted
May 30
New breach: The Atlas Menu GTA V and CS2 cheat service had 64k accounts breached yesterday. Data includes email and IP addresses, usernames, passwords stored as bcrypt hashes and support tickets. 49% were already in @haveibeenpwned. Read more: haveibeenpwned.com/Breach/At…
2
15
50
11,846
Going live with my weekly vid in 15 mins! Breach Week: 7-Eleven; Ameriprise; Mytheresa; Kemper; Charter; The Data Breach Disclosure Lag; Welcoming the Bhutanese Government youtube.com/live/4op_50aM7TE…
Weekly Update 506
Breach Week: 7-Eleven; Ameriprise; Mytheresa; Kemper; Charter; The ...
youtube.com 1
5
5,944