
Ask HN: Where was the security breach made that stole my information? - Chos89
I recently got 2 emails, one from Amazon and the other from LinkedIn, both saying that I should change my password because my email and password were posted somewhere online.
There was no mention of where it was and they did&#x27;t respond to my email.<p>Do you guys know anything that happened recently that could have caused it?
======
detaro
[https://haveibeenpwned.com/](https://haveibeenpwned.com/) by @troyhunt is
_the_ trustworthy service to check your mail address against a lot of
breaches.

~~~
Chos89
Thanks for the link, It was a hosting site that was breached. How can it be
that they were able to get my password, shouldn't they encrypt it?

~~~
detaro
Hash, not encrypt. And "Should", yes. "Did" maybe not so much. Or to weak
password/hashing algorithm combination, so it could be brute-forced. But if I
remember the 000webhost dump was cleartext.

