Check any email address against known breach corpora. See which breaches, when, and what was exposed.
Free and anonymous. No account required.
This checks the email against a public breach corpus and returns the number of breaches, the most recent date, and the data classes exposed (emails, passwords, etc.).
Reused or breached credentials are a leading cause of account takeover. Knowing an address is exposed tells you to rotate passwords and enable phishing-resistant MFA.
A keyless breach-intelligence provider is queried for the address. Only public-safe fields are returned: breach name, date, and data classes. Specific passwords are never returned.
No. The queried address is not written to our usage log; only the verdict (exposed/clean) is recorded.
Change the password anywhere it was reused and turn on multi-factor authentication, ideally an authenticator app or passkey.
Connect your inbox and InboxWatch watches for these threats automatically. Free for your first 15 scans.
Connect your inbox