Every Year we see various data breaches in which users login credential leaked by hackers, and from years, a website Indexeus.org was collecting those leaked login credentials to provide each login info to everyone in the world.
It can be amazing for hackers, script kiddies and some other notorious computer groups, but sometimes it can be really harmful for a regular internet user, as it contains login information from 100 recent data breaches including the biggest data breaches of Yahoo and Adobe. The site has over 200 million entries.
Technique of re-providing the hacked data is being used by the website owner to draw attention of users to a new type of search engine.
The search engine also was allowing hackers to delete a login credential from their database @$1 per account, but after the European Union’s “Right to be Forgotten” ruling has forced its founder, identified as 23-year-old Jason Relinquo of Portugal, to change the website’s policies and offer a free blacklisting option to all the users.
The site collects data from forums and repositories of information gathered by hackers. It has information from more than 100 data breaches.
Indexeus author Relinquo said Brian Krebs about his website:
I want this to grow and be a reference, and at some point by a tool useful enough to be used by law enforcement.
I wouldn’t have won the NATO Cyberdefense Competition if I didn’t have a bigger picture in my mind. Just keep that in yours.
In the disclaimer, website describes its project:
“The purpose of Indexeus is not to provide private informations about someone, but to protect them by creating awareness. Therefore we are not responsible for any misuse or malicious use of our content and service. Indexeus is not a dump. A dump is by definition a file containing logins, passwords, personal details or emails. What Indexeus provides is a single-search, data-mining search engine.”
I will say, if you see your information in the website database, then you should change your password first with Strong Password Generator and then try to request to the website owner to remove that entry for free, because after the European Union’s “Right to be Forgotten” rule, you can request to remove your information for free.