It’s time to fly! 🇬🇧 🇮🇸 🇮🇪 That’s two new flags (or if you’re on Windows and can’t see flag emojis, that’s two new ISO codes) I’ll be adding to my “places I’ve been list” as we start the journey by jetting out to London right after I publish this blog. If you’re in the area, I’ll be speaking at Oxford University on Wednesday at 17:00 and that’s a free and open event. And since recording this morning, we have managed to confirm that I will be speaking at a community event in Reykjavik the following Monday morning, and you’ll see a link on my 2025 events page as soon as they make one available. No public events planned for Ireland yet, but if you’re in Dublin and would like to run something the week after I’m in Iceland, get in touch. Just to round out a big schedule, I’ll be back in Aus speaking in Perth at Microsoft’s Student Accelerator on 14 April and then it’s off to NDC Melbourne shortly after that for a talk on the 30th. Then rest 🙂
- Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
- Cloudflare has found almost half of the passwords people use on their customers’ sites are compromised (but somehow, that’s not the story that got many people’s attention)
- Cloudflare’s stats were gathered via their leaked credential detection service (one of the sources they use for this is Have I Been Pwned’s Pwned Passwords)
- And no, a password alone is not personally identifiable information (yes, that’s an AI-generated response because, no, you can’t find any reference whatsoever to a password being PII in any formal gov docs)
- The Lexipol breach went into HIBP (apparently it was carried out by “Puppygirl Hacker Polycule”, who’d have thunk it?!)
- SpyX also went in (Zack reckons this is the 25th spyware service to be breached since 2017)
- We’re smashing out front end work for the HIBP UX rebuild (go and check out that repo, submit issues and join in on the discussion, we’d love your input)