BreachRadar

BreachRadar tells you whether an email address shows up in any publicly known data breach.

How to use it

Enter an email address and press Check. The tool returns a list of every breach the address appears in, with:

• The breach name and date
• The number of accounts exposed
• The data classes leaked (passwords, phone numbers, addresses, etc.)
• A short description of what happened

A clean check just means the address isn't in any indexed breach. It is not a guarantee. Many breaches stay private for months or years before being publicly disclosed.

What to do if you're breached

The exact playbook depends on what was leaked, but the basics are universal:

1. Change the password on every site where you reused it. Reuse is the single most common reason a breach turns into account takeover.
2. Enable two-factor authentication wherever it is available. Even leaked passwords are useless against a second factor.
3. Move to a password manager. Bitwarden, 1Password and similar tools generate a unique random password per site, so the next breach affects only one account.
4. Watch for phishing. Leaked addresses are scraped into spam and phishing lists within days, so be sceptical of unsolicited messages referencing breached services.

If the breach exposed financial data (card numbers, banking details), notify your bank immediately and request a card replacement.

Privacy

BreachRadar checks each address against a public breach index. We do not store the addresses you check, and we do not log them server-side. The request is rate-limited per IP to prevent enumeration.

Related

• Generate a strong unique password with the Password Generator
• Run the host site through the Scanner if you suspect the breach came from a recent sign-up