Privacy Tool

Email Breach Checker

Search over 12 billion leaked records to see if your email and password were exposed in a data breach.

🔒 Your email is checked via the HaveIBeenPwned API using k-anonymity — only a partial hash is sent, never your full email.

🛡️

k-Anonymity Protection

Your email is hashed and only the first 5 characters of the hash are sent to the API. Your full email never leaves your browser.

🔍

12B+ Records Searched

The HaveIBeenPwned database contains over 12 billion accounts from 700+ breaches including major sites.

⚡

What to do if breached

Change your password immediately on the affected site and anywhere you use the same password. Enable two-factor authentication.

Frequently Asked Questions

Is it safe to enter my email here?

Yes. Your email is never sent to our servers or the HIBP API in plain text. We use k-anonymity: your email is hashed in your browser, only the first 5 characters of the SHA-1 hash are sent, and the API returns all matching hashes. Your browser then checks locally if your full hash is in the results. Your actual email is never transmitted.

What should I do if my email is in a breach?

1. Change your password on the breached site immediately. 2. Change your password on any other site where you used the same password. 3. Enable two-factor authentication wherever possible. 4. Watch for phishing emails that may reference the breached service.

What is HaveIBeenPwned?

HaveIBeenPwned (HIBP) is a free service created by security researcher Troy Hunt that aggregates data from publicly known data breaches. It contains over 12 billion records from 700+ breaches and is widely trusted by security professionals worldwide.