Live breach disclosures
Two complementary surfaces. Up top, active leak listings from MyThreatIntel (rawer firehose, what's currently being shopped or scraped). Below, the canonical Have I Been Pwned corpus with verification flags, sensitivity markers, and exposed data classes.MyThreatIntel leaks (active) + HIBP public corpus (canonical) + breach-news feeds (timely commentary).
Active leak listingsvia MyThreatIntel
loading…What's actively being shopped or scraped this week. Different signal from the HIBP corpus below: this catches listings before they get canonicalised into "official" breach records, with the data dump size and first-seen timestamp. Records here may turn into HIBP entries later, or never (if the dump is fake, retired, or re-claimed under a different name).
Recent breach disclosuresHIBP corpus
loading…Recent breach news
External breach databases
12 sourcesFor deeper coverage beyond what this tool can check directly. Each link opens an external search — credentials and ToS apply.
Troy Hunt’s canonical breach corpus. Free email + domain lookup, k-anonymity password API. Powers most third-party checkers.
290B+ leaked credentials indexed from stealer logs, combolists, and database dumps. Free account for search; REST API + Slack/Telegram/Webhook alerts on paid tiers.
15B+ breach records searched in a free dark-web exposure report. No signup, no credit card. B2B-grade output covering credentials, infostealer logs, and dark-web mentions.
Webz.io’s breach-monitoring platform — continuous ingestion from breach dumps and infostealer logs. Free Community tier exposes real-time credential + cookie exposure; Pro adds dashboards and automation.
Free dark-web credential scanner. 2.2B+ leaked credentials, 33M+ compromised devices. Search by email, company domain, or service URL — no signup.
Large credential and PII corpus. Searchable by email, username, IP, name, address, phone. Paid API; some free preview hits.
Search engine over indexed darknet, paste sites, Tor mirrors, and leak repositories. Free search with limited results; paid plans for full export.
Open-source breach checker — email + password + domain + CXO dashboard. 835M+ exposed passwords. Public API, no key required. Mirrored into this site’s /dfir/breach backend.
Indexed exposed services and leaked data on the open internet. Free search; OAuth API for automation.
Free email + domain check against a large breach corpus. No signup. Useful as a HIBP cross-reference.
Atlas Privacy’s breach search. Lookup by name, address, phone, SSN, IP, username. Free check with browsable per-org breach catalog at /breach.
Mozilla’s consumer-facing wrapper over HIBP. Free email check with re-check alerts.