June 20, 2018

Jose Maria Chia joins 4iQ

4iQ is proud to join forces with José María Chia and his community-focused portal hacked-emails.com. Since Jose came on board a year ago, we’ve been busy working together on gathering, validating, and curating leaks and breaches across the surface and deep and dark Web. Our focus has been on making our processes faster, more efficient and more accurate. We took a break from our busy schedule to interview Jose Maria Chia about hacked-emails.com and joining 4iQ.

Tell us about yourself and the hacked-emails portal.

I am a systems analyst who is passionate about IT security and innovative ways technology can improve our everyday lives. I am a big fan of open source software, and believe in sharing  knowledge to try and help make the world a better place.

I created hacked-emails.com as a side project to raise awareness about the growing amount of leaks and breaches that were taking place and putting people at risk. I wanted to give back to the community by creating a free place where people could anonymously check to see if their records were exposed. It also gave me an excuse to keep up-to-date with some cool, open source technology.

On hacked-emails, what do you classify as data leaks and where do the emails come from?

A data leak is a security incident in which confidential or private data is exposed or transmitted by someone who is not authorized to do so.  The leaks on hacked-emails are listed in two sections:

Confirmed Leaks: These come from data leaks made publicly available by the attackers or by those affected through different websites. The data has also been confirmed by the company and news sources as real and validated leaks.

Latest Leaks: These are emails found in data dumps in the surface and deep web communities with intent to verify. They have not been ‘confirmed’ or attributed yet.

Why did you join 4iQ?

It was time to advance breach and leak discovery in order to make a bigger impact protecting people and their identities.  I wanted to align with an identity-focused intelligence company with the same passion for protecting people and organizations from bad actors. Joining 4iQ was a natural fit for me.

Breaches and accidental exposures are growing at a rapid rate. We see it everyday. It’s nice to be surrounded by a team of security analysts and breach hunters working towards one common goal. Together, we can move much faster, accomplish more, and ultimately protect more people.

What have you been working on since you joined 4iQ?

Over the last year, I have been working with the team on improving the speed and velocity at which we collect and curate breach data. So far, we have collected and curated more than 10,000 breaches in our system with leaked or  lost credentials and PII/PHI.

We have the capability to help companies be GDPR compliant by allowing companies to proactively monitor the web for signs of  domain exposures, and that’s a powerful thing. Not only does this type of monitoring allow companies to find and protect sensitive data, but it also identifies vulnerabilities – like an employee’s compromised credentials – that can be quickly addressed to mitigate risk by preventing account takeover and denying unauthorized users from accessing your system through a simple login.