App to Check Your Email Address in Security Breaches

by Rian

Since I just covered a website tracking app related security breaches, I thought to add the old-fashioned one — the one tracks by your email address. Traditionally, service providers and security researchers had released their findings separately, per case basis. If you were a customer of 100 different services, you had to look out for each and every one of them. Although the standard practice mandates the leaked service provider to reach out the affected users, it was an optimistic outlook to believe all the users would be notified promptly.

Have I Been Pwned is a website where you can check your email addresses against the aggregated databases of security breaches. Essentially, you are searching your email address against what the developers of the website were able to find. It also offers notification feature, if you would like to be notified, instead of searching manually every now and then. The website does not automate the entire procedure of handling leaks. I would recommend following through the affected service providers’ information.

One other thing to note for anyone who is using password managers — there are some popular managers that do check against HIBP. It is basically an add-on, nothing more, but it is handy feature if you don’t want to worry about breaches from a website you signed up for 15 years ago.