Have I Been Pwned

@haveibeenpwned

Check if you have an email address or password that has been compromised in a data breach. Created and maintained by @troyhunt.

Australia

Joined November 2013

1Following

168KFollowers

Pinned

Have I Been Pwned@haveibeenpwned · Jun 25

New breach: In June last year, Robinsons Malls in the Philippines had 195k unique email addresses breached via their mobile app. Data also included name, DoB, gender, phone and city. 43% were already in @haveibeenpwned. Read more: rappler.com/technology/nat…

haveibeenpwned's tweet card. The National Privacy Commission adds that S&R membership shopping club, allegedly a data breach victim as well, has not reported any data breaches

14.0K

Pinned

Have I Been Pwned@haveibeenpwned · May 27

New breach: French ISP "Free" was breached in Oct and the data later published publicly. It contains 14M email addresses along with name, physical address, gender, DoB, phone and for many records, IBAN. 59% were already in @haveibeenpwned. Read more: bleepingcomputer.com/news/security/…

haveibeenpwned's tweet card. Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information.

115

23.0K

Pinned

Have I Been Pwned@haveibeenpwned · Apr 13

New breach: Samsung Germany had 216k unique email addresses exposed due to a compromise of their logistics provider, Spectos. Data included name, physical address, purchases and shipping tracking numbers. 49% were already in @haveibeenpwned. Read more: infostealers.com/article/samsun…

haveibeenpwned's tweet card. Another colossal breach fueled by infostealer malware, and this time, it’s Samsung in the crosshairs.

159

33.0K

Have I Been Pwned@haveibeenpwned · Jul 23

New breach: 160k customer records were allegedly obtained from Creams Cafe in May. Data included email and physical address, name and phone number. Creams Cafe did not respond to repeated attempts to report the breach. 76% were already in @haveibeenpwned haveibeenpwned.com

haveibeenpwned's tweet card. Have I Been Pwned allows you to check whether your email address has been exposed in a data breach.

12.0K

Have I Been Pwned@haveibeenpwned · Jul 15

New breach: Thai-language fiction and comics MaReads had 74k records breached last month. Data included email address, username, phone number and DoB. 49% were already in @haveibeenpwned haveibeenpwned.com

17.0K

Have I Been Pwned@haveibeenpwned · Jul 13

New breach: Indian CME platform Omnicuris had 200k records breached last month. Data included name, email address, phone number, geolocation and data relating to professional expertise and training progress. 51% were already in @haveibeenpwned haveibeenpwned.com

16.0K

Have I Been Pwned@haveibeenpwned · Jul 3

New sensitive breach: Last month, spyware app Catwatchful had 62k records breached via a SQL injection vulnerability that exposed email addresses and plain text passwords. 30% were already in @haveibeenpwned. Read more: techcrunch.com/2025/07/02/dat…

haveibeenpwned's tweet card. The spyware operation's exposed customer email addresses and passwords were shared with data breach notification service Have I Been Pwned.

29.0K

Have I Been Pwned@haveibeenpwned · Jun 25

New breach: Have Fun Teaching had 80k transactions with 27k unique email addresses breached in Aug 2021. Data also included physical and IP address, name, payment method and item purchased. 83% were already in @haveibeenpwned haveibeenpwned.com

17.0K

Have I Been Pwned@haveibeenpwned · Jun 13

New breach: South American mobility services platform Ualabee had 472k records scraped last month. Data included email address, name, DoB, phone number and profile photo. 52% were already in @haveibeenpwned. Read more: news.ualabee.com/Aclaraci-n-sob…

haveibeenpwned's tweet card. En Ualabee iniciamos una investigación tras identificar una publicación externa que contenía datos potencialmente asociados a usuarios de nuestra plataforma. Tras analizar el caso, confirmamos que no...

35.0K

Have I Been Pwned@haveibeenpwned · Jun 10

New breach: Now defunct social media influencer platform WiredBucks was breached in 2022. Over 900k email and IP addresses, names, usernames and plain text passwords were exposed. 32% were already in @haveibeenpwned. Read more: cybernews.com/security/billi…

haveibeenpwned's tweet card. The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost...

29.0K

Have I Been Pwned@haveibeenpwned · Jun 7

New breach: Japanese record chain store Disk Union had 690k email addresses breached in June 2022. Data included name, post code, phone and plain text password. 40% were already in @haveibeenpwned. Read more: news.kaduu.io/blog/2022/07/0…

25.0K

Have I Been Pwned@haveibeenpwned · Jun 3

New breach: ColoCrossing had 7k email addresses breached from their ColoCloud cloud/VPS service last month. Data also included name and MD5-Crypt password hash. 38% were already in @haveibeenpwned. Read more: lowendbox.com/blog/colocloud…

22.0K

Have I Been Pwned@haveibeenpwned · May 23

New sensitive breach: The 2nd wave of Operation Endgame to disrupt criminal ransomware infrastructure has resulted in 15.4M email addresses and 43.8M passwords being provided to HIBP by law enforcement agencies. 83% were already in @haveibeenpwned. More: europol.europa.eu/media-press/ne…

20.0K

Have I Been Pwned@haveibeenpwned · May 22

New breach: Fédération Francaise de Rugby had 282k email addresses breached in June 2023. Data also included name, DoB and phone number. 69% were already in @haveibeenpwned. Read more: lemonde.fr/sport/article/…

haveibeenpwned's tweet card. Un groupe de pirates menace de publier des documents récupérés dans une attaque ayant eu lieu au début du mois. La FFR assure avoir rétabli les systèmes informatiques et ne pas avoir l’intention de...

15.0K

Have I Been Pwned@haveibeenpwned · May 8

New breach: OnRPG had 1M email addresses breached in 2016. Data also included IP address, username and salted MD5 password hash. 86% were already in @haveibeenpwned. Read more: cybernews.com/security/billi…

20.0K

Have I Been Pwned@haveibeenpwned · May 1

New breach: Hungarian education office website TehetségKapu had almost 55k records breached in March. Data included email address, name and username. 32% were already in @haveibeenpwned. Read more: 444.hu/2025/03/27/55-…

haveibeenpwned's tweet card. Az iskolai kompetenciamérést is lebonyolító Tehetségkapu nevű rendszerhez fértek hozzá a hackerek és nyilvánosságra hozták, amit elloptak.

16.0K

Have I Been Pwned@haveibeenpwned · Apr 9

New breach: Indonesian restaurant website Qraved had almost 1M email addresses breached in 2021. Data also included name, phone, DoB and MD5 password hash. 83% were already in @haveibeenpwned. Read more: cybernews.com/security/billi…

13.0K

Have I Been Pwned@haveibeenpwned · Mar 30

New breach: German Doner Kebab had 162k unique email addresses publicly posted to a hacking forum last week. Data also included name, phone and physical addrress. 74% were already in @haveibeenpwned. Read more: x.com/DarkWebInforme…

DDark Web Informer - Cyber Threat Intelligence@DarkWebInformer · Mar 27

🚨Alleged database leak of German Doner Kebab (GDK) Data reportedly includes: Customer names, dates of birth, email addresses, mobile phone numbers, customer addresses, postcodes, marketing preferences, and additional text field information.

34.0K