Yesterday, I did a presentation on #dataprivacy to a group of #entrepreneurs enrolled in the Entrepreneuriat ULaval program. During my talk I showed the site HaveIBeenPwned. The site is simple, the results are detailed, but the information doesn't appear to be up to date. I wanted to see if there were similar services: • The Hasso Plattner Institute offers a similar tool and the result is an email with a nicely formatted table (shown below). • Cybernews is very basic and provides a simple list without any details - I don't recommend it, but it does provide a host of (basic) information about security. • BreachDirectory, NameScan.io, PrivacyHQ... they miserably fail, or they simply reuse the data from IHaveBeenPwnd... • In theory, Equifax offers "WebScan", but it never raised anything although I know of recent data leaks... • Avast: same concept, very simple email which is a sales pitch for their antivirus. But... ☠️ the page is rigged with marketing trackers even after rejecting all! ☠️ there's a pre-checked box to subscribe to their marketing emails ☠️ on the Verified Data GDPR potential risk scale, it's a big red 10 out of 10! My take: ✅ they provide very basic info but can be useful for educational purposes ❌ they all use the same source of data, which is not up to date ❌ for those practicing robust password management, these basic services might not add much value... ⛔️ there's a big push in #digitalmarketing to collect more #firstpartydata. Every single time you provide personal information, you increase your surface of risk and the number of #dataleaks are bound to increase. #NoConsentNoTracking