Security researcher Troy Hunt isn’t selling Have I Been Pwned after all. He continues to maintain the data leak search engine himself. Last year, Hunt started looking for a buyer because it took him a lot of time. There was almost a deal, but it was canceled at the last minute.
Last year in June, Hunt announced it was looking for a buyer for the service. That search is now definitively over. Hunt says Have I Been Pwned will remain independent and will continue to work on it independently. He does say that he needs help with this and that he will delegate work.
In an extensive blog, Hunt describes how the acquisition process went in recent months. The security researcher took KPMG in hand for this. Numerous companies were interested; after a first selection, 141 remained. This included large tech, antivirus and hosting companies. There was also interest from financial institutions and insurance companies.
Hunt’s goal was to sell the service to a company he trusted completely and shared the vision of. After a new selection, 43 potential candidates remained. These parties received an extensive Information Memorandum with information about the service, after which they could make an offer.
In the end, only one party remained that was given exclusivity in the takeover process. That happened in September last year. According to Hunt, the deal was almost closed from both sides, but due to a sudden ‘change in the business model’ of the interested party, both parties decided to cancel the deal. Hunt is not allowed to say which company it is and how high the bid was due to non-disclosure agreements.
Have I Been Pwned has been around since 2013. Security researcher Troy Hunt collects data from major data breaches there, so that users can see if they have been affected. Users can sign up to receive a notification as soon as their data occurs in a data breach. Millions of people use it. 1Password and Mozilla have integration with the service in their software.
Part of the document potential buyers received