Cybernews: 16 B passwords exposed – are you affected? Forbes: 16 B Apple, Google, Facebook passwords leaked — Act now IBTimes: How to check if your account is compromised Techi: Is cybersecurity broken beyond repair? Tom’s Guide LIVE: Data breach hits big tech

🔒 Has Your Email Been Compromised?

Scan your address against leaked passwords from the June 2025 mega breach. We never store your raw email.


    

  





  

    

      

        
 What Happened in the 2025 Mega Leak?

        
A record-breaking 16 billion credential pairs surfaced on 20 June 2025, aggregated from stealer logs and old breaches.

        
    
          
  • 80-90 % recycled but millions first-seen in 2025
    • 
          
  • Major brands affected: Apple, Google, Meta, GitHub, Telegram…
    • 
          
  • First public torrent sized 1.2 TB compressed
    • 
        

        How to Secure Your Accounts 

      
 Infographic about the 2025 password leak 

    

  





  

    

      

        
 Free Breach Lookup API

        
Build breach protection into your product—query up to 10 000 emails/day with k-anonymity padding. Only hash prefixes leave your app.

        
GET /api/v1/breach?hash=00100…
{
  "hits": 3,
  "first_seen": "2019-10-27"
}

        Get API Key

        

         * Due to high demand, the API is temporarily paused. We'll be back shortly. 

      
  

    

  





  

    
 5 Actions to Secure Your Accounts

    

      

        

          

            
 Turn on Passkeys

            
Apple, Google & Microsoft now support FIDO passkeys—ditch the password entirely.

          

        

      

      

        

          

            
 Use an Authenticator App

            
TOTP apps are safer than SMS codes and free to set up.

          

        

      

      

        

          

            
 Unique, Strong Passwords

            
Never reuse passwords; aim for 12+ characters including symbols.

          

        

      

      

        

          

            
 Password Manager

            
Free tiers of Bitwarden or 1Password can store hundreds of credentials securely.

          

        

      

      

        

          

            
 Watch for Phishing

            
Double-check reset emails following major breaches. Attackers strike fast.

          

        

      

      

        

          

            
 Enable Automatic Updates

            
Keep your devices, browsers, and apps updated to patch known vulnerabilities without delay.

          

        

      

    

  





  

    
 Premium Monitoring

    

      

        

          

            
 Just $2.99 / month

            
We watch the dark web nonstop and alert you the moment your email or password appears in a new dump.

            
    
              
  •  Unlimited email addresses
    • 
              
  •  Instant breach push & email alerts
    • 
              
  •  24/7 dark‑web password scans
    • 
            

            Start Monitoring

        

      

    

  





  

    
 Frequently Asked Questions

    

      

        

          
        

        

          
We never distribute raw credentials; we store only partial hashes so users and developers can verify exposure without seeing the underlying data.

        

      

      

        

          
        

        

          
Our dataset merges 30 public stealer dumps and historical breaches. False negatives are possible but uncommon; indexes refresh weekly.

        

      

      

        

          
        

        

          
No. Your email is hashed inside your browser and only a partial hash prefix is sent to our server. We never store, log, or share any personal data.

        

      

      

        

          
        

        

          
No. The tool only confirms if a hash prefix appears in the database, which provides no usable data to attackers. It’s designed with privacy and security in mind.

        

      

      

        

          
        

        

          
Immediately change your passwords, enable 2FA on all critical accounts, and monitor for suspicious activity. Use a password manager to avoid reuse in the future.