Have I Been Pwned allows you to check whether your email address has been exposed in a data breach.

Pwned Passwords is a huge corpus of previously breached passwords made freely available to help services block them from being used again.

What is the Site All About? This site came about after what was, at the time, the largest ever single breach of customer accounts — Adobe.

Sign in to access your Have I Been Pwned dashboard, where you can search sensitive breaches, view stealer logs, manage domains, and access subscription features.

The site is simply intended to be a free service for people to assess risk in relation to their account being caught up in a breach. As with any website, if you're concerned about the intent or security, don't use it.

Get notified if your email address appears in a future data breach. Have I Been Pwned will alert you when we find your email address is exposed.

Remove your email address from public search results on Have I Been Pwned. Opting out ensures it won’t be publicly visible via the breach lookup service.

Aug 13, 2025 · In June 2025, headlines erupted over a "16 billion password" breach. In reality, the dataset was a compilation of publicly accessible stealer logs, mostly repurposed from older leaks, …

Clear and visible attribution with a link to haveibeenpwned.com should be present anywhere data from the service is used including when searching breaches or pastes and when representing breach …

Oct 21, 2025 · After normalising and deduplicating the data, 183 million unique email addresses remained, each linked to the website where the credentials were captured, and the password used. …