DidCompanyLeak.com is a social-media-savvy tool to determine whether an ESP or a company has been compromised and is leaking email addresses to spammers.

The sooner you find out that there's been an information leak of some sort, or someone is doing something bad with your infrastructure, the better.

The sort of people who'll notice you have a security problem are likely to talk, or blog, about it. Monitoring social media and blogs can be a simple, cheap way to be notified of a problem (Yay! Crowdsourcing!). Didcompanyleak offers a simple way to get a twitter search query that might find reports of a breach, including an RSS feed that you can feed into your RSS client (or smarter automation) to be notified automatically.

Twitter is just one possible source of this sort of warning. Some others are:

• Google Alerts
• Social Mention
• Addict-o-matic
• Samepoint
• BlogPulse

Crowdsourced notification like this is easy to put into place, and complements more sophisticated monitoring (like followthatlist) nicely.

I can't take any credit at all. Lenny Seltzer came up with the idea, and implemented it at wascompanyhacked.com.

It was such a great idea, I decided to steal it. Give Lenny all the credit and blame me for any problems.

Lenny goes into more detail about the concept on his blog and the Internet Storm Center Diary. Good stuff, all of it.

If you're looking for something a little more serious, then databreaches.net and the privacy rights clearinghouse are worth a look.