HIBP Approaching 4 Billion Hacked Accounts. Including Yours?


Hacked emails databaseIn the early days of Google, the search engine used to include a message on the front of its site which stated the total number of pages in its index. It was 2004 when Google first hit the major milestone of having crawled and memorised a billion pages.

A few years later the total hit 4 billion, then 8. After that, Google stopped publishing the numbers because it didn't want to divulge trade secrets to other search engines that might threaten its dominant position.

In the next few weeks, another search engine is going to reach the 4 billion milestone. But this isn't a database of web pages. It's a list of hacked email accounts, gathered and curated by Australian security researcher Troy Hunt. Each time hackers manage to obtain the email addresses and account details of a company's users, and publish them online, Troy grabs a copy of the leak and adds it to his index. There are now 3.8 billion email addresses in there, and I hear rumour of another hack that might be about to add 120 million new entries.

Troy's database is at www.haveibeenpwned.com and the idea is that you use it occasionally to check that your own email address isn't listed in there. If it is, the system will tell you where it came from, and thus which of your passwords you need to change.

If you haven't searched for your own email addresses on www.haveibeenpwned.com, take a minute to do so now. And do it again in a couple of months, just in case.

Please rate this article: 

Your rating: None
Average: 4.2 (18 votes)


Take a minute?? Have tried this several times with different accounts, and while the activity bar is moving, I've let it run for up to 15 minutes with no results reported. Any tips? It would be ironic if the hackers are now blocking his site...

All of my emails were used in accounts on breached sites other than my Yahoo one. cheeky

How do we know this is not a honeypot web site to collect our e-mail addresses?