Email Breach Checker
Check if your email address appeared in a known data breach. Uses the LeakCheck API. Your query is not stored by HexScan.
What is a data breach?
A data breach occurs when an unauthorized party gains access to a database containing user information — typically usernames, email addresses, passwords, and sometimes payment data or personal identifiers. Breaches can happen due to SQL injection attacks, misconfigured servers, insider threats, phishing campaigns against employees, or vulnerabilities in third-party software.
Once credentials are stolen, they are typically compiled into lists and sold on dark web marketplaces. These lists then get used in credential stuffing attacks — automated tools that try each username/password pair across dozens of other services, exploiting the fact that most people reuse passwords.
How does the breach checker work?
This tool queries the LeakCheck API, which aggregates data from publicly known breach dumps. When you submit an email, the API checks it against its index of breached records and returns which breaches (if any) the email appeared in.
Your email is sent to LeakCheck as part of the API query, and LeakCheck's privacy policy governs how they handle that data. HexScan does not log or store your email, and does not transmit it to any other service. See the Privacy Policy.
What to do if your email was found in a breach
- Change the password for the breached service immediately.
- If you reused that password anywhere else, change it on every site that shares it.
- Enable two-factor authentication on your email account — this is the most impactful single action you can take.
- Check whether your email provider supports alerts for suspicious login attempts.
- Consider using a password manager to generate and store unique passwords for each service going forward.
- If financial data was involved in the breach, monitor your accounts and consider a credit freeze.
Credential stuffing — the real risk of reused passwords
When a breach occurs, attackers don't just try to log into the breached service — they systematically try the same email/password combination against every major platform: Google, Facebook, banking sites, Amazon, PayPal. This is credential stuffing, and it's highly automated.
Tools like Sentry MBA, OpenBullet, and STORM run through millions of credential pairs per hour. Defenses like rate limiting, CAPTCHA, and IP blocking slow this down but don't stop it completely. The only reliable defense is unique passwords per service — which makes each leaked credential useless everywhere else.
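An added example (not HexScan's or LeakCheck's code) of how a service operator can spot the pattern described above in its own login log: one source trying many distinct accounts, almost all of them failing, as opposed to many guesses against a single account. The log format, the thresholds and the sample lines are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds; tune against your own traffic.
WINDOW = timedelta(minutes=5)   # sliding look-back window per source IP
MIN_USERS = 10                  # distinct accounts tried inside the window
MIN_FAIL_RATIO = 0.8            # share of failed attempts inside the window

def parse(line):
    # Hypothetical log format: "<UTC timestamp> <source ip> <username> <OK|FAIL>"
    ts, ip, user, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result == "OK"

def detect_stuffing(lines):
    """Return {ip: {"users": n, "compromised": [...]}} for sources that try
    many different accounts with mostly failures inside one window."""
    events = sorted(map(parse, lines))
    recent, flagged = defaultdict(deque), {}
    for ts, ip, user, ok in events:
        q = recent[ip]
        q.append((ts, user, ok))
        while ts - q[0][0] > WINDOW:          # drop attempts older than the window
            q.popleft()
        users = {u for _, u, _ in q}
        fail_ratio = sum(not o for _, _, o in q) / len(q)
        if len(users) >= MIN_USERS and fail_ratio >= MIN_FAIL_RATIO:
            flagged[ip] = max(flagged.get(ip, 0), len(users))
    # A success from a flagged source means a reused password worked:
    # those accounts need a forced reset and session revocation.
    return {ip: {"users": n,
                 "compromised": sorted({u for _, i, u, ok in events if i == ip and ok})}
            for ip, n in flagged.items()}

def sample_log():
    """Constructed lines: a stuffing source, a single-account brute force, a normal user."""
    lines = []
    for i in range(12):   # 12 different accounts, one attempt each, one hit
        res = "OK" if i == 8 else "FAIL"
        lines.append(f"2024-05-01T10:00:{i * 4:02d}Z 203.0.113.7 user{i}@example.com {res}")
    for i in range(12):   # one account, many guesses: password guessing, not stuffing
        lines.append(f"2024-05-01T10:01:{i * 4:02d}Z 198.51.100.9 bob@example.com FAIL")
    lines += ["2024-05-01T10:02:00Z 192.0.2.44 carol@example.com FAIL",
              "2024-05-01T10:02:20Z 192.0.2.44 carol@example.com OK"]   # typo, then success
    return lines

if __name__ == "__main__":
    print(detect_stuffing(sample_log()))
```

The single-account source is deliberately not flagged here; it needs a separate per-account failure counter and lockout policy.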