Rajib Singha
Check if your Online Account has been Leaked in a Data Breach
July 8, 2016

A data breach is defined as an incident where private and confidential information is illegally viewed, used or accessed by a malicious entity. In May 2016, passwords of over 100 million LinkedIn users were stolen by hackers in a major data breach.

Similar incidents of data breach have occurred in the past, and there are no signs that can tell that they won’t occur in the future. During a data breach, personal information such as email ID, passwords, date of birth, addresses, credit/debit card numbers, bank accounts, etc., are potentially exposed to hackers. Depending on the leaked data, hackers can:

Commit identity theft – can open fake bank accounts under your name

Hack other accounts – using the leaked password and email ID, they can access your other online accounts

Launch phishing attacks – using personal information such as your name, date of birth, address, etc., they can target you with specially crafted phishing emails and steal more sensitive information

In short, data breaches are bad news. We have come across a site where users can check if their online accounts were leaked in any of the data breaches that happened in the past. Using the site is simple. Just enter your online account (email ID or username) and click on pwned? as shown below.

# If your account was compromised in any breach, it will show up like this:

have i been pwned

What should you do?
Change the account’s password. Choose one that is made up of a mix of uppercase, lowercase letters, special characters, and numbers. Something like this InoNothin@343#

# And if your account was not compromised, it will show up like this:

have i been pwned2

What should you do?
You don’t have to worry for now. But still, if you haven’t changed your password for quite some time, consider changing it. Better safe than worry.

So, pay a visit to and run a quick check on your online account.

If find this post helpful, share it with your friends and peers.


Have something to add to this story? Share it in the comments.

Rajib Singha
About Rajib Singha
Rajib is an IT security news junkie and a computer security blogger at Quick Heal. He is passionate about promoting cybersecurity awareness, content and digital...
Articles by Rajib Singha »


Your email address will not be published.


  1. Hasta GurungJuly 9, 2016 at 1:21 PM

    so far Good

  2. Sometime I found my quickheal secure browser not working too.

    • And I found one of my old gmail PWNED and no patch.
      what does it mean .

      • Rajib Singha Rajib SinghaJuly 14, 2016 at 4:55 PM

        Hi Sanju,

        Please refer to the below FAQ that might help answer you query.

        What is a “paste” and why include it on this site?

        A “paste” is information that has been “pasted” to a publicly facing website designed to share content such as Pastebin. These services are favoured by hackers due to the ease of anonymously sharing information and they’re frequently the first place a breach appears.

        HIBP searches through pastes that are broadcast by the @dumpmon Twitter account and reported as having emails that are a potential indicator of a breach. Finding an email address in a paste does not immediately mean it has been disclosed as the result of a breach. Review the paste and determine if your account has been compromised then take appropriate action such as changing passwords.


    • Rajib Singha Rajib SinghaJuly 14, 2016 at 4:56 PM

      Hi Sanju,

      Our support engineers can help. Please visit to chat with us online. You can also raise a ticket at and we will get back to you at the earliest.


  3. rajendra gurjarJuly 13, 2016 at 11:46 AM

    verey nice