View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 8, 2016updated 13 Jan 2017 11:18am

Have you been pwned? Best hacking websites to check if your personal information has been stolen

By Ellie Burns

It seems that not a day goes by without another cyber attack being discovered, or a data breach being made public by an apologetic multinational. The dark web is now a booming marketplace for the criminally minded, selling a myriad of personal information from email addresses and passwords, to credit card numbers. Attacks on Adobe, LinkedIn and MySpace are just some of the high-profile breaches which have resulted in the leak of millions of email addresses, passwords and other data to marketplaces online.

With so many companies breached and so much data available in the dark ether, the questions you should be asking yourself is: Have I already been hacked?

If you do not know the answer to this question, then you need to act now. There are a number of online services available which allow you to check if your personal information has been involved in a breach – vital tools which can help protect your digital footprint.

Here, CBR gives you the best sites to check if your personal information is safe.


Have I been pwned?

Cost: Free

Troy Hunt created Have I Been Pawned as a free resource which allows anyone to quickly check if an online account has been compromised or ‘pwned’ in a data breach. Inspired by the massive data breach which hit Adobe, Mr Hunt created the site after post-breach analysis revealed the same accounts being exposed over and over again.

The site gives users a simple interface – just enter in the address of the online account you want to check and then wait for results.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

All the data on the site comes from website breaches that have been made publicly available – which some may say limits the service somewhat. The free service also only provides results for a single user-provided email address or username at a time. However, using the domain search feature – which searches for pwned accounts across entire domains – multiple breached accounts can be retrieved after verification.

have I been pwned - personal information hack checker

For a free service this a brilliant site to visit – from my visit I found that my Hotmail address was leaked in the LinkedIn and Adobe data breaches. It is well-known for being one of the most simple, informative sites out there to check if you have been compromised – a must to visit.


Continue reading to learn about a service which scans the dark web



Cost: £3.50 per month

This is a new online service which monitors the Dark Web for stolen personal information.

Giving you the power to scan the darkest corners of the internet, OwlDetect allows users to check if any personal data has been leaked or stolen during a cyberattack.

Scanning 24/7 over 600,000 websites, 10,000 forums and 1,000 Twitter accounts daily, using both online programs and trained experts to find compromised information, OwlDetect can find:

  • Debit or credit card numbers
  • Bank account detailsOwlDetect - personal information hack checker
  • Email addresses
  • Phone numbers
  • Passport details
  • National Insurance number
  • Driving licence number

After you provide OwlDetect with your personal information, the service will run a scan against a database of compromised personal data, collected for over ten years from unsecure and illegal data trading sites. If your details are found OwlDetect will let you know and provide you with an action plan to help you resolve potential issues.

The monthly subscription not only covers your email addresses, bank details and phone numbers, but also monitors your passport, national insurance number and driving license number.


Want to know if your password has been stolen? Then the next tool is for you



Cost: Free & Paid

BreachAlarm is a similar service to OwlDetect, although its scope is limited to password data. The free service allows you to check anonymously if your password has been posted online – simply by inputting your email address. Scanning the internet and leveraging a database which contains the unique fingerprints of over 634 million hacked email addresses, the service tells you if you have been hacked.

BreachAlarm has a number of good features, including an email watchdog which notifies you immediately if your personal information has been spotted in a breach. However, BreachAlarm will not tell you which breach, or what company, has been hacked in the event that your data is spotted.

BreachAlarm - personal information hack checkerThe service also gives users three payment options, as well as a plan aimed at businesses. The free plan covers immediate breach notification and protects one email address only, while the $30 per year family pack protects up to 50 emails and includes detailed breach notification information.


Using email and postcode to check identity theft – the next tool uses both


Has My Identity Been Stolen?

Cost: Free

Owned my the MergerMarket Group and counting ex-senior policemen among its executive team, Has My Identity Been Stolen is a free service which allows you to check if your identity has been stolen. The service scans the internet and deep web, with a database compiled from data which has been ‘been in criminal hands and made available on the internet.’

Interestingly, Has My Identity Been Stolen prefers not to use spyders to gather results, Has my identity been stolen - personal information hack checkerinstead employing a global network of human sources who have access to the Dark Web. Encouragingly, the service works towards the goal of preventing and reducing stolen data and personal information, capturing compromised IDs before the criminals can sell them.

The online service uses an easy interface which gives you two options – check by postcode or check by email. Once a verification code has been sent to the requested email, a search results box will tell you one of three answers:

  1. No records found based on search criteria to suggest identity fraud at the present time.
  2. At present we only have your email address. The record was discovered on dd/mm/yyyy. This has been transacted and means that you could be a target for Phishing and Spam emails in order to build your identity profile for use or future sale.
  3. A number of records found, suggesting possible Identity fraud. The record was discovered on dd/mm/yyyy.

Although limited in its monitoring of only 100 dark sites, features such as searching by post code, make this a great site to visit.


Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.