Have I been pwned?
Website repository that checks what sites your email address was used on were compromised
What is Have I been pwned??
What is the site all about?
This site came about after what was, at the time, the largest ever single breach of customer accounts — Adobe. I often did post-breach analysis of user credentials and kept finding the same accounts exposed over and over again, often with the same passwords which then put the victims at further risk of their other accounts being compromised.
The FAQs page goes into a lot more detail, but all the data on this site comes from "breaches" where data is exposed to persons that should not have been able to view it.
Why build the site?
This site serves two primary purposes for me: firstly, it obviously provides a service to the public. Data breaches are rampant and many people don't appreciate the scale or frequency with which they occur. By aggregating the data here I hope that it not only helps victims learn of compromises of their accounts, but also highlights the severity of the risks of online attacks on today's internet.
Secondly, the site provided me with an excellent use case for putting a number of technologies through their paces and keeping my hands-on skills somewhat current. Projects like this are an excellent way of staying relevant as my day job increasingly focuses more on software management and less on actually building things (which I happen to love doing!) It's been an enormously fulfilling journey that I've invited others to join me on by way of often blogging in depth about the process, something I intend to keep up as the site inevitably evolves over time.
Have I been pwned? Screenshots
Have I been pwned? Features
Have I been pwned? information
Supported Languages
- English
Comments and Reviews
Tags
- Data Breach
- Security & Privacy
- security-utilities
Category
Security & PrivacyLists containing Have I been pwned?
Into the Cyberverse • useful websites • Security • Most trusted softwaresRecent user activities on Have I been pwned?
HomelabRat liked Have I been pwned?
RemovedUser Upvoted a comment on Firefox Monitor as an alternative to Have I been pwned?If you have a Firefox Account you can add multiple emails in Firefox Monitor and look across all breaches.- RemovedUser thinks Firefox Monitor is an alternative to Have I been pwned?
Best security site! Very useful to become aware that we have to change our passwords!
Works as you would expect in the same manner other tools work, except that this is open-source and has minimum data collection. This tool has helped me quickly find out multiple breaches that my old email has been involved in and act by chaning passwords and deleting accounts. The page also lists recent breaches to keep you updated and gives your brief but crucial information of them.
Their Privacy Policy is great although they use services like Google Analytics that can log IP adresses for performance metrics. As for their security, it is also great and they state it; their Microsoft Azure servers have firewalls that limit activity, all the data transmission is done over HTTPS, Cloudflare is used for blocking malicious requests, third-party components are kept well-mantained and you can send opt-out requests to remove your data from being publicy visible. In change, you can also opt-in a notification system that will send you emails when breaches occur with you being involved in them.
Not good. I prefer sites like Dehashed and BreachDirectory.tk because they allow me to know exactly what info of mine was leaked and what passwords I should change.