Pwned Passwords - Have I Been Pwned When credentials are exposed in data breaches, attackers can use these known email and password combinations to access your other accounts NIST guidelines specifically recommend checking user passwords against previously breached datasets
Frequently Asked Questions - Have I Been Pwned When email addresses from a data breach are loaded into the site, no corresponding passwords are loaded with them Separately to the pwned address search feature, the Pwned Passwords service allows you to check if an individual password has previously been seen in a data breach
Who, What Why - Have I Been Pwned Learn about Have I Been Pwned, why it was created, who runs it, and how it helps people discover if their personal data has been exposed in data breaches
API Documentation - Have I Been Pwned Pwned Passwords are hundreds of millions of passwords which have previously been exposed in data breaches The service is detailed in the launch blog post and most recently in this post about the FBI and NCA feeding data into the service
Sign In to Your Dashboard - Have I Been Pwned Sign in to access your Have I Been Pwned dashboard, where you can search sensitive breaches, view stealer logs, manage domains, and access subscription features
Have I Been Pwned: NVIDIA Data Breach In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community
OGUsers (2022 breach) - Have I Been Pwned In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018 The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes A total of 529k unique email addresses appeared in the breach
Have I Been Pwned: SevenRooms Data Breach SevenRooms advised that the breach was due to unauthorised access of "a file transfer interface of a third-party vendor" In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum
Have I Been Pwned: CafePress Data Breach In February 2019, the custom merchandise retailer CafePress suffered a data breach The exposed data included 23 million unique email addresses with some records also containing names, physical addresses, phone numbers and passwords stored as SHA-1 hashes
Have I Been Pwned: ClickASnap Data Breach In September 2022, the online photo sharing platform ClickASnap suffered a data breach The incident exposed almost 3 3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes