HackNotice is a service that went live in July and is designed to alert you when your information has been disclosed in leaked data breaches from hacked sites. HackNotice does this by collecting leaked information from data breaches and compiling it into a database that can be used to determine if information related to your monitored email addresses have been leaked.
This allows you to quickly know when your data or information has been leaked so that you can change passwords, delete accounts, or monitor your credit for unusual activity.
To use the service, users need to register a free account on the HackNotice site. They can then create watchlists for email addresses and web sites that they wish to monitor for detection in leaks or for when new hacks occur.
The first watchlist, called the Hack Watchlist, allows you to configure various domains to receive alerts about when there has been a hack or data breach. When creating this watchlist, you can use a list of preconfigured domains or add any domain you want to monitor to the list.
The second watchlist is called the Identities Watchlist and allows you to configure various emails that should monitored in data breaches. If HackNotice finds your monitored email address in a data leak, it will notify you so that you become aware of the breach and can change your passwords.
To prevent you from monitoring email addresses that you do not own, HackNotice will require an email verification before allowing you to monitor an added email address.first.
This service was created by Steve Thomas who is a veteran in data breach space having created the PwnedList site and worked at the SecurityScorecard security firm. He also told BleepingComputer that other security professionals, such as Shu Chow and Mathias Bustamente, assisted in the creation of the site.
Thomas told BleepingComputer that he created HackNotice after getting constantly notified about hacked sites and his information being leaked.
“I built HackNotice out of a personal need, where even though I was dealing with breaches and leaked data daily at work, I couldn’t keep up with all of the breaches, let alone the ones that included my data,” Thomas told BleepingComputer via email. “After my identity was leaked several times in 2017, I decided to quit my job and focus full time on building a service that could keep track of hacks and leaks for everyone, with as little effort as possible.”
In addition to the monitoring services built into the HackNotice site, the organization also created a Chrome browser extension that notifies you when you are visiting a site that was hacked and allows you to see information related to the hacks.
How to setup and use the HackNotice extension
If you would like to be notified when you visit a site that has been recently hacked, you can install the Chrome HackNotice Browser Extension. Unfortunately, The instructions for setting up the extension are fairly minimal, it non-existent, and many people do not realize is that you first need to create an account at HackNotice before you can use the extension.
To get up and running with the HackNotice Browser Extension, click on the extension’s icon in the browser to see two options.
First, click on the Sign Up button and register a free account at HackNotice. One you have done this, click on the Activate button to generate a key that will be used by the extension.
Once you visit the above page, a key will be generated and linked to your extension. At the above page, I also suggest you to enable the “Receive All Alerts” option while you test the service. You can always turn it off again if you start receiving too many notifications.
Now when you visit sites that have been hacked, the extension will display a browser notification alerting you of this.
If you click on the alert, your browser will open a page on HackNotice that displays the recent news regarding data breaches and hacks associated with the site.
Now that you know that the site has been hacked, you can change any other accounts that may utilize the same password or monitor credit cards for unauthorized activity.
With the constant stream of data breaches that we read about on almost a daily basis, a tool like this can be helpful in protecting our identity, credentials, and accounts.