What is a data breach?
A data breach occurs when unauthorised individuals gain access to a database or system containing personal information. The stolen data is often published online or sold on criminal marketplaces. Email addresses are among the most commonly exposed pieces of information because they are used as account identifiers across almost every online service.
Breaches range from small incidents affecting a few thousand accounts to massive exposures involving hundreds of millions of records. In many cases, the affected company does not publicly disclose the breach for months — or at all.
How to check if your email has been exposed
Have I Been Pwned
The most widely used and trusted tool for checking email breach exposure is Have I Been Pwned (haveibeenpwned.com), operated by security researcher Troy Hunt. Enter your email address and the site will tell you whether it appears in any known breach databases it tracks.
Get your own privacy report
Want to see what is publicly visible about you?
Get Privacy Report reviews your digital footprint using public-source OSINT techniques. Search visibility, email exposure, username footprint, breach indicators, and a practical action checklist. One-off AUD $69.
Start My Privacy Report — $69The service is free, does not require an account, and covers thousands of breaches. It also lets you sign up for notifications if your email appears in a future breach.
What the results mean
If your email appears in a breach, you will see details including the name of the breached service, the date of the breach, and what types of data were exposed — commonly email addresses, passwords, usernames, phone numbers, or physical addresses.
Seeing your email in a breach does not necessarily mean your accounts have been accessed. It means your details were part of a dataset that was exposed. The risk level depends on what data was included and whether you still use the same password.
Important: Breach databases only reflect known, published breaches. An absence of results does not guarantee your email has never been exposed — it means it has not appeared in breaches that have been catalogued.
What to do if your email has been breached
If your email appears in a breach, take these steps in order:
- Change the password for the affected service immediately, if you still use it
- Check for reuse — if you used the same password elsewhere, change it on every site where it was used
- Enable two-factor authentication (2FA) on the affected account and any other important accounts
- Watch for phishing — breach data is used to craft targeted phishing emails. Be cautious of unexpected messages referencing your account details
- Consider a password manager to generate and store unique passwords for every service going forward
What about passwords in breaches?
Many breaches include passwords, but they are often stored in hashed form rather than plain text. A hash is a one-way transformation of a password — it cannot be reversed directly. However, weak or common passwords can be cracked using precomputed hash tables, which is why password strength and uniqueness matter even when hashes are involved.
If a breach lists "passwords" in its exposed data types, treat the password as compromised regardless of whether it was hashed.
Ongoing monitoring
Breach exposure is not a one-time event. New breaches are discovered and published continuously. Set up breach notifications through Have I Been Pwned and consider using a password manager that alerts you when saved passwords appear in known breaches.
Checking your email against breach databases is a useful starting point, but it only shows one dimension of your public exposure. Email addresses can also appear in public directories, search results, and data broker listings that are unrelated to security breaches.
Get Privacy Report checks email exposure indicators as part of the Full Individual Privacy Report, including publicly visible references beyond breach databases. See what the report covers →