watchtower breach notifications
Hi,
Please could someone enlighten me on Watchtower? i.e when does it sync with the haveibeenpawned database, when does it check? I understand how it all works etc and what the function of Watchtower is, but I am concerned that Watchtower is set to notify me of the breach that 123rf has suffered.
Haveibeenpawned & Firefox Monitor have both sent me emails saying my email address etc has been exposed in a breach at 123rf but 1password watchtower says everything is good and there are no breaches. Confirmed this by using the Watchtower report and checking the 123rf URL and it comes back saying "No password breaches for 123rf.com have been found." Link: https://watchtower.1password.com/report/123rf.com
Really concerning from a security and notification perspective and sort of defeats the purpose.
Attached are references to the Firefox monitor, email from haveibeenpawned & 1Password Watchtower 
1Password Version: 7.6.786
Extension Version: Not Provided
OS Version: Windows 10 20H2
Sync Type: 1Password Cloud
Referrer: forum-search:watchtowe
Comments
-
Hi @ag_ana
Thanks for coming back to me. I can see that the status has now changed, but what I do not understand Is why watchtower within 1Password, still does not show the breach and I havent been notified by the IOS App?
Sort of makes the feature of watchtower a little useless?
0 -
Hi @wrwatk,
If you check your 123rf password on the Pwned Passwords search page: https://haveibeenpwned.com/Passwords, not on the home page of haveibeenpwned that is designed for checking email addresses, does it return any results? Please clarify.
Thanks! :+1:
Cheers,
Greg0 -
@wrwatk: I think there is a misunderstanding happening.
"Compromised Websites" in Watchtower are not coming from haveibeenpwned service. We maintain the list of compromised websites ourselves and your report of 123rf is appreciated. I believe that it will be added to Watchtower soon. Sorry for this inconvenience. :frown:
Let me know if it answers your question. Thank you!
++
Greg0 -
I wanted to send you a quick update to let you know that we have updated the Watchtower database, it now shows the breach information you reported :)
0 -
If it takes 10 months to get a listing to your Watchtower database, honestly, this database is of no use. If a security breach gets known, it's crucial to notify people immediately to enable them to react immediately, not after 10 months. In this case I'm happy I kept my subscription in have i been pwnd's breach notification, because this gets me a notification as soon as the breach gets known.
0 -
Coming back to this issue again, I see that the watchtower function is not working again? Today I received an email from both haveibeenpawned and Firefox monitor, regarding the latest LinkedIn Scraped Data Breach. https://businessinsider.com.au/linkedin-data-scraped-500-million-users-for-sale-online-2021-4 Whilst the scraping did not constitute a data breach nor did it access any personal data not intended to be publicly accessible, I would still like to know why 1Password has not notified me of the breach yet or is it going to take 10 months to get updated like the previous breach? I rely on 1Password to manage this for me and I should have to second guess if the service is working or not? I understand that 1password maintain the list of compromised websites yourselves, but surely in 2021 there are some smart solutions around that don't require manual intervention? If 1password cant notify users of a breach when it happens, what is the point of having watchtower?
0 -
The LinkedIn event did not include passwords, from what I can see, so I don't think this will ever show up in Watchtower. Since there is no password to update, you would get a permanent Watchtower alert in 1Password, even if there is nothing you can do about your credentials.
0
