Do a Free data breach scan

Tons of companies have data breaches, there is a high chance your email has been in multiple breaches

Solve My Breach Scan for my data

Scan your email for free

Check if your email address is in a data breach

774,491

Breached Websites

13 Billion

Breached accounts

115,769

Pastes

228,884,627

Paste accounts

Data Breach leaks

Data breaches occur when unauthorized individuals access a company's sensitive information through methods like phishing, malware, or exploiting security vulnerabilities. Once obtained, this data—such as emails and personal details—can be sold on the dark web, used for identity theft, financial fraud, and further phishing attacks. The impact on companies includes financial losses, legal liabilities, and reputational damage, while affected individuals face risks like identity theft and privacy invasion.

Frequently asked questions

What is a "breach" and where has the data come from?

A "breach" is an incident where data is inadvertently exposed in a vulnerable system, usually due to insufficient access controls or security weaknesses in the software. HIBP aggregates breaches and enables people to assess where their personal data has been exposed.

Is a list of everyone's email address or username available?

The public search facility cannot return anything other than the results for a single user-provided email address or username at a time. Multiple breached accounts can be retrieved by thedomain search featurebut only after successfully verifying that the person performing the search is authorised to access assets on the domain.

How is a breach verified as legitimate?

There are often "breaches" announced by attackers which in turn are exposed as hoaxes. There is a balance between making data searchable early and performing sufficient due diligence to establish the legitimacy of the breach. The following activities are usually performed in order to validate breach legitimacy:

  1. Has the impacted service publicly acknowledged the breach?
  2. Does the data in the breach turn up in a Google search (i.e. it's just copied from another source)?
  3. Is the structure of the data consistent with what you'd expect to see in a breach?
  4. Have the attackers provided sufficient evidence to demonstrate the attack vector?
  5. Do the attackers have a track record of either reliably releasing breaches or falsifying them?
What is a "paste" and why include it on this site?

A "paste" is information that has been "pasted" to a publicly facing website designed to share content such as Pastebin. These services are favoured by hackers due to the ease of anonymously sharing information and they're frequently the first place a breach appears.

HIBP searches through pastes that are broadcast by the accounts in the Paste Sources Twitter list and reported as having emails that are a potential indicator of a breach. Finding an email address in a paste does not immediately mean it has been disclosed as the result of a breach. Review the paste and determine if your account has been compromised then take appropriate action such as changing passwords.

My email was reported as appearing in a paste but the paste now can't be found

Pastes are often transient; they appear briefly and are then removed. HIBP usually indexes a new paste within 40 seconds of it appearing and stores the email addresses that appeared in the paste along with some metadata such as the date, title and author (if they exist). The paste itself is not stored and cannot be displayed if it no longer exists at the source.