Has your email address been compromised?

Enter an email address below to check if its been compromised.


Massive data breaches make the headlines on a regular basis, and the number of exposed login credentials has risen into the billions. As a privacy-concerned internet user, you need to know if you have been pwned.

Find out in seconds if your email address has been stolen or compromised. Use the checker and we’ll run your email addresses through a comprehensive database of all email addresses stolen over the last few years.

If your email is found on the database, firstly do not panic! We understand that having your login credentials leaked on the internet can be terribly disconcerting, you need to understand that large-scale data breaches happen all the time, so you have at least some time to act and prevent further damage.

Steps to take if your account is listed

Step 1: Change Your Password

If you get pwned, you need to change your password as soon as possible. You should avoid using a password that has been leaked before, so make sure to consult Have I Been Pwned before you finalize your decision. Security experts advocate the use of long passphrases instead of random strings of letters, numbers, and special characters.

Step 2: Use a Unique Password for Every Online Account

People who use a unique password for every online account are affected by data breaches much less than people who reuse the same few passwords over and over again. One study from 2013 found that 55 percent of people used the same password for all their accounts.

Step 3: Strengthen Your Cybersecurity Defenses

Unfortunately, there’s very little you can do to prevent large-scale data breaches, which is where most pwned emails and pwned passwords come from. However, there’s a lot you can do to strengthen your own personal cybersecurity defenses. Email is a very common attack vector because it allows malicious hackers to distribute malware with minimal effort and alarmingly great results. Even seasoned computer users who know a lot about cybersecurity sometimes find it difficult to distinguish spam from legitimate emails, and it one mistake is all it takes to get pwned.