On Sat, Jan 06, 2018 at 05:10:10PM +0100, Davide Prina wrote: > https://haveibeenpwned.com/ > > that inform you if your credential have been compromised in data brench > (only for public compromised data). > > I have try it with sub...@bugs.debian.org and this account result > compromised!! for: Email addresses, Passwords, Device usage tracking data, > Names, Physical addresses
Thanks for your concern. However, I suspect it's misplaced in this case. haveibeenpwned.com works largely by indexing and scanning public text sharing sites like pastebin.com. Given the nature of sub...@bugs.debian.org, it's fully expected to show up in lots of content on such sites. > Have this address a password? > Can this be a security issue? (If this is not know and the password was not > changed) sub...@bugs.debian.org is not an email account with a password, so there's no risk of password compromise. > I have see that also other Debian mail result compromised: > secur...@debian.org > debian-security@lists.debian.org > requ...@bugs.debian.org > listmas...@lists.debian.org > debian-de...@lists.debian.org > debian-proj...@lists.debian.org > debian-security-annou...@lists.debian.org > debian-i...@lists.debian.org > debian-ital...@lists.debian.org > debian-l10n-ital...@lists.debian.org What I said about sub...@bugs.debian.org applies equally to these addresses as well. noah
signature.asc
Description: PGP signature
