This post is long overdue.
Back in May 2013, I released a Twitter bot called @dumpmon whose sole purpose was to track and report password dumps and other sensitive information shared on paste sites such as Pastebin. Since that time, dumpmon has proven - to my excitement - to be valuable to researchers, being featured in news articles, Defcon slides, and HIBP!
After two years, it’s time to post an overdue status update providing some insight into the data dumpmon has collected over this time.
Note: This is a pretty long post, so feel free to skip here if you just want the data.Read More