Assignment No 1

Name : Khan Juveriah

Roll no : 6117017
Branch : IT

What does "pwned" mean?

The word "pwned" has origins in video game culture and is a leetspeak derivation of the word
"owned", due to the proximity of the "o" and "p" keys. It's typically used to imply that someone
has been controlled or compromised, for example "I was pwned in the Adobe data breach". Read
more about how "pwned" went from hacker slang to the internet's favourite taunt.

What is a "breach" and where has the data come from?

A "breach" is an incident where data is inadvertently exposed in a vulnerable system, usually due
to insufficient access controls or security weaknesses in the software. HIBP aggregates breaches
and enables people to assess where their personal data has been exposed.
How is a breach verified as legitimate?
There are often "breaches" announced by attackers which in turn are exposed as hoaxes. There is
a balance between making data searchable early and performing sufficient due diligence to
establish the legitimacy of the breach. The following activities are usually performed in order to
validate breach legitimacy:

 Has the impacted service publicly acknowledged the breach?

 Does the data in the breach turn up in a Google search (i.e. it's just copied from another
source)?

 Is the structure of the data consistent with what you'd expect to see in a breach?

 Have the attackers provided sufficient evidence to demonstrate the attack vector?

 Do the attackers have a track record of either reliably releasing breaches or falsifying
them?