Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Any place to report compromised sites?
3 points by hereforphone on Feb 24, 2021 | hide | past | favorite | 1 comment
I sometimes receive spam to special email addresses that I only use at particular sites. For example, I just received one to an address I used only ever used to experiment with the game Town of Salem, years ago.

When this happens I assume that my address was sold, or the site was hacked. In either case it reflects badly. Is there a registry somewhere to collect sites that sell/leak email addresses?

Note that the above example is just one of many. I assume the ToS of some permit selling email addresses. In many cases, such as the RadioReference hack, this isn't the issue and should be made public.



The site operator may not ever tell you if they were hacked, or sold your email in a dirty cross-marketing campaign. It is possible that the people you would report this to may not even know if they did this intentionally. If it was from a cross-marketing dirty list, only the web marketing people may know, if even then. In my opinion, just flag that address as spam and set a rule to either discard their emails or put it into a "compromised" folder. If you want to give the the benefit of doubt, then find the legal/security/report-fraud links on their site and let them know. Maybe you will get an authentic human response.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: