So let's start out with the tell us your name and what do you do?

So my name is Troy Hunt. I am an Australian security researcher, I guess.

That's term seems to be used a lot. I run the data breach notification service, have I been

powned? I write some online training for people and speak at events.

Troy's website, have I been poem.com is amazing. Basically, if there's a data breach out there,

where the data is public, Troy knows about it. He collects all the breach data and puts it into

his database and lets people search for their email address to see if their account has been

in a breach. Yeah, so I mean a typical example, let someone pop up and says, look, I've got

data. It's often via an email or a Twitter DM and they say, look, would you like it if I have

I've been powned? They often send me a link to mega. So they'll put it on mega in Z somewhere.

Sometimes they ask for attribution as well. So some people want either the notoriety or the

or the fame as it may be. I go through, grab that data, validate that it's actually legitimate

then load it in, write it up and publish it. He's been running this site since 2013, adding all

the public and semi-public user account data breach details that he could find. And his site has

truly changed how we view our account security. Yeah, just really began. I mean, I guess one of the

things that amazes me, I'm looking at the record count now having just loaded the Dub Smash data

last night and it's almost 6.9 billion records. And I remember when I started and there was like

155 million records in there and I was like, well, this is a lot of data. I wonder if it's going

to be able to get much bigger. That is, there have been 6.9 billion email addresses seen in

data breaches in the last 10 years or so. That's a lot of email addresses. So this is 6.9 billion

breached accounts. So as an example, my own email address has been seen 15 times. So of that 6.9

billion, 15 of them are me. So this is not unique email addresses. Unique email addresses is more

...