What motivates attackers to dump data publicly? How is it sold, traded and redistributed? These are questions the presenter dealt with while running the ethical data breach search service “Have I been pwned.” This talk will share the lessons from working with more than a billion publicly dumped records and provide a unique inside look at security from a very real-world and very actionable perspective.