Email Breach Check

What to Do If Your Email Was Breached

Step 1 — Change passwords on breached sites immediately

If your email appears in a breach from a specific service, go to that site and change your password right away. If you used the same password anywhere else, change it there too — attackers run automated tools that test leaked credentials across hundreds of services simultaneously (credential stuffing).

Step 2 — Check for password reuse

Password reuse is the reason one breach becomes ten compromised accounts. Search your password manager (or memory) for any site where you used the same password, and update each with a unique one.

Step 3 — Enable two-factor authentication

Even if your email and password are known to an attacker, 2FA stops them from logging in. Enable it on your email account first — it's the master key to everything else. Then banking, social media, and any account with personal data.

Step 4 — Use a password manager

Bitwarden (free, open source) and 1Password continuously monitor your saved accounts against breach databases and alert you when new breaches are discovered. This automates staying ahead of attackers entirely.

What is a data breach?

A data breach occurs when attackers gain unauthorised access to a company's database and extract user records — typically email addresses and hashed passwords, sometimes names, phone numbers, or payment details. These records are sold on dark web forums and used for credential stuffing attacks.

XposedOrNot is a public breach notification database that aggregates billions of records from hundreds of confirmed breaches. Unlike some services, it provides a free public API specifically to help people check their exposure without barriers.

What data is typically exposed?

• Email addresses and usernames
• Passwords (hashed or, in worst cases, plaintext)
• Names, phone numbers, physical addresses
• Dates of birth and security question answers
• IP addresses and device information