DEV Community

Lakshmi Sravya Vedantham
Lakshmi Sravya Vedantham

Posted on

You Have Accounts on 34 Services You Forgot About. 8 Were Breached.

#privacy #security #python #opensource

Remember that Canva account from 2019? The MySpace one from way back? That random forum you signed up for once?

Those accounts are still out there. And many of them have been breached — passwords leaked, email addresses sold, personal data floating around dark web dumps.

I built phantom to find them.

What it does 

pip install phantom-accounts
phantom scan you@gmail.com
Enter fullscreen mode Exit fullscreen mode 
╭──────── GHOST ACCOUNT REPORT ────────╮
╰──────────────────────────────────────╯

  ⚠ you@gmail.com  12 breaches

    █ Adobe          2013-10-04  adobe.com
      Exposed: Passwords, Email addresses, Password hints

    █ Yahoo          2013-08-01  yahoo.com
      Exposed: Email addresses, Names, Passwords, Phone numbers

    █ LinkedIn       2021-06-22  linkedin.com
      Exposed: Email addresses, Names, Phone numbers

╭─ SUMMARY ────────────────────────────╮
│  Ghost accounts found: 12 services   │
│  Password leaks: 5                   │
│  Run phantom actions to fix them.    │
╰──────────────────────────────────────╯
Enter fullscreen mode Exit fullscreen mode

It doesn't just find breaches — it tells you what to DO

That's the key difference. Plenty of tools tell you "you were breached." phantom generates a prioritized action plan:

phantom actions
Enter fullscreen mode Exit fullscreen mode 
  ID  Priority    Service     Action
  1   CRITICAL    Adobe       Change password
  2   CRITICAL    Yahoo       Change password
  3   HIGH        Adobe       Enable 2FA
  4   HIGH        LinkedIn    Enable 2FA
  5   HIGH        Marriott    Review account (PII exposed)
Enter fullscreen mode Exit fullscreen mode

Then you track your progress:

phantom done 1    # mark as completed
phantom skip 5    # skip if not applicable
phantom status    # see overall progress
Enter fullscreen mode Exit fullscreen mode

Password checker

Check if a password has been seen in any data breach — using k-anonymity so your actual password never leaves your machine:

phantom check-password
Enter password to check: ****
⚠ Password p4****** has been seen 847 times in data breaches.
Change this password immediately.
Enter fullscreen mode Exit fullscreen mode

How it works

  • Built-in database of 20+ major breaches covering 3 billion+ accounts
  • Optional HIBP API integration for real-time results
  • Actions auto-generated based on what was exposed (passwords = CRITICAL, PII = HIGH)
  • Local SQLite database tracks your response progress
  • Everything runs on your machine

Try it 

pip install phantom-accounts
phantom scan your-email@gmail.com
phantom actions
Enter fullscreen mode Exit fullscreen mode

GitHub: github.com/LakshmiSravyaVedantham/phantom

Part of my privacy tools suite. Also check out trackmap (map your tracking network) and leakwatch (continuous breach monitoring).

Want all three in a single binary?

I rewrote trackmap + phantom + leakwatch as one Rust binary: privacykit

cargo install privacykit
privacykit track scan --chrome
privacykit phantom scan you@gmail.com
privacykit leak scan
Enter fullscreen mode Exit fullscreen mode

Zero Python. Zero dependencies. One binary.

Top comments (0)