Frequently Asked Questions
Everything you need to know about LeakedSource and protecting your data.
LeakedSource is a breach intelligence platform that lets you check if your personal data has been compromised in known data breaches. We index over 18.9 billion records across 12,000+ breach sources, making us one of the most comprehensive breach search engines available. You can search by email address, username, phone number, IP address, or domain to discover your exposure. LeakedSource is powered by HEROIC's breach intelligence technology.
Yes, LeakedSource offers a free tier. Anyone can scan their email on our homepage and instantly see how many breaches they appear in and which breach sources are affected. Creating a free account gives you 5 searches per day and monitoring for up to 2 email addresses. For users who need more, our Pro plan ($10/month) includes 20 daily searches, full breach record details, stealer log access, and monitoring for up to 10 email addresses. Our Business plan ($99/month) provides 100 daily searches and domain-level monitoring for organizations.
Our breach data is sourced from HEROIC, which operates one of the world's largest breach intelligence databases. HEROIC collects data from publicly disclosed breaches, security research, exposed databases, paste sites, underground forums, and stealer log repositories. Data is processed, deduplicated, and indexed to make it searchable. HEROIC does not purchase stolen data, participate in hacking, or encourage any illegal activity. The purpose is strictly defensive — helping individuals and organizations discover and respond to their exposure.
Our database includes a wide range of breach types: Traditional database breaches where an organization's systems were compromised (e.g., National Public Data, LinkedIn, Adobe). Data scraping incidents where public-facing APIs were exploited to collect user data at scale (e.g., Trello, Twilio Authy). Stealer log collections containing credentials harvested by infostealer malware from infected devices. Combolists and credential dumps that aggregate stolen data from multiple sources. Cloud misconfigurations where databases were inadvertently left exposed on the internet. Together, these sources cover over 12,000 individual breach events spanning from the early 2000s through the present day.
LeakedSource supports five search types. Email address: the most common search, checks your email against all indexed breaches. Username: finds breaches containing a specific username. Phone number: searches for your phone number across breach data. IP address: checks if an IP address appears in breach records or stealer logs. Domain: searches for all breached records associated with an email domain, useful for businesses checking organizational exposure. Free users can see which breaches they appear in and what types of data were exposed. Pro users get full record details including the actual compromised data.
Yes. Free homepage scans do not require an account, and we cache results only temporarily to improve performance. For registered users, search history is stored securely in your account so you can review past searches, but this data is never shared with third parties or used for marketing purposes. All connections to LeakedSource are encrypted via HTTPS, and our infrastructure is protected by Cloudflare's security network. For full details, see our Privacy Policy.
Follow these steps using LeakedSource to identify and resolve your exposure:
Step 1: Scan your email — Enter your email address on the LeakedSource homepage to see which breaches you appear in and what types of data were exposed.
Step 2: Create an account and review details — Sign up for a free account to see the full breakdown of each breach, including specific data fields that were compromised (passwords, phone numbers, addresses, etc.).
Step 3: Change compromised passwords — For every breach that exposed a password, change it immediately on the affected service. If you reused that password on other sites, change it everywhere. Use a unique, strong password for each account.
Step 4: Enable two-factor authentication — Turn on 2FA on all accounts that support it, starting with your email, financial, and social media accounts. Use an authenticator app rather than SMS when possible.
Step 5: Check for identity theft — If sensitive data like Social Security numbers, government IDs, or financial details were exposed, monitor your credit reports and consider placing a credit freeze.
Step 6: Enable continuous monitoring — Set up breach monitoring in your LeakedSource account so you're alerted instantly when your data appears in any newly discovered breach.
Step 1: Scan your email — Enter your email address on the LeakedSource homepage to see which breaches you appear in and what types of data were exposed.
Step 2: Create an account and review details — Sign up for a free account to see the full breakdown of each breach, including specific data fields that were compromised (passwords, phone numbers, addresses, etc.).
Step 3: Change compromised passwords — For every breach that exposed a password, change it immediately on the affected service. If you reused that password on other sites, change it everywhere. Use a unique, strong password for each account.
Step 4: Enable two-factor authentication — Turn on 2FA on all accounts that support it, starting with your email, financial, and social media accounts. Use an authenticator app rather than SMS when possible.
Step 5: Check for identity theft — If sensitive data like Social Security numbers, government IDs, or financial details were exposed, monitor your credit reports and consider placing a credit freeze.
Step 6: Enable continuous monitoring — Set up breach monitoring in your LeakedSource account so you're alerted instantly when your data appears in any newly discovered breach.
The HEROIC breach database is updated continuously as new breaches are discovered, analyzed, and indexed. In 2024 alone, over 4,800 new breach sources containing 3.3 billion records were added. Our local breach index syncs automatically every 6 hours. If you have monitoring enabled, you'll receive alerts as soon as your data appears in a newly indexed breach.
A traditional data breach occurs when an attacker compromises an organization's systems and steals their user database (e.g., the LinkedIn breach exposed 136 million accounts). A stealer log is different — it comes from infostealer malware (such as Redline, Raccoon, or Vidar) installed on individual users' devices. This malware captures saved passwords, browser cookies, autofill data, and session tokens directly from the victim's computer. Stealer logs are particularly dangerous because they often contain currently valid credentials, not old passwords. LeakedSource indexes both types. Pro users have access to stealer log data, which is restricted due to its sensitivity.
The largest individual breaches indexed by LeakedSource include: Verifications.io (722 million records), Weibo (503 million records), MySpace (301 million records), Adobe (293 million records), Deezer (228 million records), People Data Labs (202 million records), AdultFriendFinder (202 million records), National Public Data (169 million records), Canva (137 million records), and LinkedIn (136 million records). You can browse all 12,000+ breach sources in our Breach Database.
LeakedSource is a breach awareness service — we help you discover your exposure so you can take action. We do not host the original breached databases, and removing your data from our index does not remove it from the breach itself or from other copies circulating online. However, if you have a legitimate concern, you can contact us at [email protected] to discuss your situation. The most effective response to a breach is to change your compromised credentials and enable two-factor authentication rather than attempting to remove data that is already widely distributed.
While both services help users discover breach exposure, LeakedSource offers several differences. We index over 18.9 billion records across 12,000+ sources, including stealer logs and combolists. Registered users can search by email, username, phone number, IP address, or domain — not just email. Pro users can see the actual compromised data (with appropriate masking of sensitive fields), not just which breaches they appear in. Our breach database is powered by HEROIC's enterprise-grade threat intelligence platform, which is also used by security professionals and organizations worldwide.
Yes. LeakedSource is a defensive cybersecurity tool. Checking whether your own data appears in known breaches is entirely legal and is in fact recommended by security experts, government agencies, and organizations like NIST. Our Terms of Service explicitly prohibit using the service to access other people's data without authorization, for credential stuffing, harassment, or any illegal purpose. We mask sensitive data fields and restrict access to detailed breach records to authenticated users to prevent misuse.
HEROIC is the parent company of LeakedSource and operates one of the world's largest breach intelligence platforms, indexing over 18.9 billion records from 12,000+ breach sources. HEROIC's technology powers breach monitoring, credential screening, and threat intelligence for individuals, businesses, and enterprise security teams. LeakedSource is HEROIC's consumer-facing service, making breach awareness accessible to everyone.