### Explanation People register accounts on dozens of online services throughout their lives, often providing real names, email addresses, phone numbers, and passwords. Many of these accounts are created for one-time use and then forgotten, yet the data remains stored on the platform's servers indefinitely. When these services suffer security breaches, the accumulated data becomes available to anyone who obtains the leaked databases. The compounding effect makes this weakness particularly powerful for investigations: - **Breadth of exposure**: A single person's data may appear in multiple independent breaches, each revealing different details — one breach leaks email and password, another adds IP address and physical address, a third reveals phone number and payment history - **Credential reuse**: Because people tend to reuse passwords (see [[SOWEL-6. Reusing Personal Data]]), a leaked credential from one service can confirm identity across others - **Stealer logs**: Information-stealing malware systematically harvests saved credentials, browser cookies, and autofill data from personal devices, creating comprehensive snapshots of a person's digital life - **Permanence**: Breached data circulates indefinitely — even if the original service patches the vulnerability, the leaked records remain available The key behavioural aspect is that people underestimate the cumulative risk of spreading their data across many services. Each registration is a small act, but together they create a large, persistent, and uncontrollable attack surface. ### Examples - [Have I Been Pwned: 11B+ breached accounts](https://haveibeenpwned.com/) ### Types - behavioural - technical - business ### See also - [[SOWEL-6. Reusing Personal Data]] - [[SOWEL-1. Having and Filling Account]] ### Typical techniques - [[SOTL-12.1. Check Data Breach Databases]]