Have I Been Pwned Reviews 

60
TrustScore 3.5 out of 5

3.4

While we don't verify specific claims because reviewers' opinions are their own, we may label reviews as "Verified" when we can confirm a business interaction took place. Read more

To protect platform integrity, every review on our platform—verified or not—is screened by our 24/7 automated software. This technology is designed to identify and remove content that breaches our guidelines, including reviews that are not based on a genuine experience. We recognise we may not catch everything, and you can flag anything you think we may have missed. Read more

See what reviewers are saying

Rated 3 out of 5 stars

Most frustrating - handy to know i have been breached but then no details or hint as to what password has been breached so no way of knowing what to change more worryingly dash board says my dom... See more

Rated 1 out of 5 stars

I put my email address in and with 2 days, someone was tried to hack my Microsoft account and Facebook. Got notifications to the email address I put in.

Rated 5 out of 5 stars

I just checked multiple email addresses that I have used over many years and its findings accurately found webhosts where I had submitted my email addresses and were subsequently hacked. This did, of... See more

Rated 5 out of 5 stars

I'm confused about the few negative reviews on here. I think people don't understand the complexity of passwords and how they work. For example, just because Google says your password is brilliant doe... See more

Company details

  1. Software company
  2. Internet Service Provider

Written by the company

Have I Been Pwned (HIBP) is an online service that allows individuals and organisations to check whether their personal data has been compromised in known data breaches. Founded in December 2013 by Australian cybersecurity expert and Microsoft Regional Director, Troy Hunt, HIBP has become one of the most trusted resources for breach awareness and security education worldwide. The service aggregates billions of records from publicly disclosed breaches and provides a simple way for individuals and businesses to search for their email addresses or domains to see if they appear in any incidents. Trustworthiness has been central to HIBP’s reputation. It has always operated with transparency, openly documenting breach sources, handling sensitive data responsibly, and offering services like domain verification so organisations can monitor corporate email addresses securely. Its partnerships with law enforcement agencies, including the FBI, and major technology companies such as Mozilla (for Firefox Monitor) further reinforce its credibility. Over the years, HIBP has expanded to include features like password exposure checks (Pwned Passwords) and API integrations for developers and security teams. Its mission remains the same: to make breach data accessible in a responsible way, helping people understand and mitigate risks after a security incident.


Contact info

3.4

Average

TrustScore 3.5 out of 5

60 reviews

5-star
4-star
3-star
2-star
1-star

No recent history of asking for reviews

This company hasn't invited customers recently, so reviews may not be representative

Replied to 71% of negative reviews

Typically replies within 24 hours

How this company uses Trustpilot

See how their reviews and ratings are sourced, scored, and moderated.

3.4

All reviews

(60)

24 reviews in the last 12 months

Write a review
Companies on Trustpilot aren't allowed to offer incentives or pay to hide reviews. Reviews are the opinions of individual users and not of Trustpilot. Read more

Rated 5 out of 5 stars

Support Agent at Chanced Casino

I have been playing on Chanced for a few years now. I play 6 out of 7 days a week. I have dealt with many different support agents. The past few times I have contacted support I spoke with Rosco he is a terrific agent always has a quick response time, very professional and pleasant and always resolved the problems or questions I have had. He is Great at his job.

9 June 2025
Unprompted review
Rated 3 out of 5 stars

Not so useful in my opinion

This website only shows which platforms have been hacked or have suffered data breaches.
I checked my current email address and also two email addresses I had in the past.
It shows a list of websites which suffered data breaches.
The strange thing is that I checked the email address I had when I was a teenager and the website told me that it was included in a data breach suffered by LinkedIn in 2016 and by Wattpad in 2020. The thing is that the email address I checked was deactivated in 2008, and I had never signed up to LinkedIn with that email address!

22 March 2025
Unprompted review
Rated 1 out of 5 stars

Next to useless!

Next to useless!

Great, it'll tell me that my E. mail address is in a data breech... but it won't tell me which accounts are actually listed... I have 100s of active accounts and even more "dead" ones... a clue as to which passwords need changing would "kinda be handy".

As it stands this site does little more than create paranoia as an aid to their attempts to sell me a password manager.

26 February 2025
Unprompted review
Rated 5 out of 5 stars

Giving full stars to counter some of the reviews that are off

So to clear up a little bit of the confusion in the comments:
1 person claimed they made up a fake email and it still said there was a breach and to try it - I did a few times with bs emails, and I got no breaches. Just because you don't own that email doesn't mean it doesn't exist.

Some people have said they saw breaches from sites they've never visited so it must be fake - This is because businesses sell your data to third-parties. For example I was affected by a breach by a sunglass company I never bought from. This is because the company I got my Ray-bans from sold my data and that company was breached

There was one person saying it said their Google account was breached - I think you need to scroll down and look at the results. Unless it says "Google" specifically on the breach list, it just means a service you used your Google email for was breached.

Someone said they got a bunch of spam emails after using this site- I checked both my main emails for breaches and haven't recieved any spam emails since checking (which was only about an hour ago, but if it was connected it would be typically be automated and I would get them basically instantly).

1 person said they had nothing but it offered them 1Password to keep them safe - Yes, this is automated and is going to show up for everyone whether you have no breaches or 5k. The entire point of a site like this is to keep your data safe, so they offer you a reputable site that helps, and they probably get a cut for everyone that signs up via their site, which is how they make the money to run the site. Don't need it, ignore the offer.

1 person said Google's report shows no breaches but this site does - This is true for me too and also confuses me. Maybe Google doesn't pickup the third-party breaches or maybe the breach has been scrubbed from the web and it doesn't pick it up. I honestly don't know for this one 🤷🏼‍♂️

I just started looking into this because of the NPD breach and my list had some breaches from services I definitely used, and some from ones I've never heard of, because it was a third-party. I don't know how legit the service is. I saw the creator was a hacker on some message boards, so I wanted to see what others have thought of this. I'm not saying one way or another because I don't know. But some of the reasons on here for lower scores just either don't understand how these services work or just mistaken on some things.

I have no affiliation with this company/person and have never heard of them until today. I'm putting this here because I get this may seem like I'm repping the site, but I just don't think they should get bad reviews over misunderstanding how it works.

21 August 2024
Unprompted review
Rated 5 out of 5 stars

Confused.com🤦

I'm confused about the few negative reviews on here. I think people don't understand the complexity of passwords and how they work. For example, just because Google says your password is brilliant does not mean it hasn't been compromised because of your complacency. Also, remember that your false email could well, and probably does, belong to someone else. 🤦

8 August 2024
Unprompted review
Rated 5 out of 5 stars

Have I Been Pwned does exactly what it says it will do.

As HIBP say:
A "breach" is an incident where data has been unintentionally exposed to the public.

You can probably tell when your email address has been used by suss people - all of a sudden you get all sorts of emails supposedly from reputable places, or you get emails to everyone with your name, or any number of variations.

All you have to do is put in your email address and HIBP will tell you if your email address has been revealed. It doesn't prove anything. It just lets youknow it happened.
For instance, I received this notice from HIBP
Combolists Posted to Telegram: In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.

Compromised data: Email addresses, Passwords, Usernames

And of course I had noted an increase of scam emails. Just be aware.

Have I Been Pwned is great

4 June 2024
Unprompted review
Rated 2 out of 5 stars

Questionable results

Questionable results. I've been getting emails saying that my email address has been compromised on various sites. The only problem -- I don't have accounts on these sites. Never have. If it's a case where someone had hacked my account, I think I'd notice it long before these email alerts came in.

It used to be a good site/service. Now, I'm not so sure.

24 June 2024
Unprompted review
Rated 2 out of 5 stars

Fantastic Service But Do Double Check Results

Concept & co-marketing of site is excellent as a business model (allowing I trust they are not spamming out my entered emails). However, there are red flags signaling reliability & veracity of the provided pwn info:
1) With some half-dozen 10-year old in-daily use emails on which I checked, HIBP never reported a breach older than 2017 or more recent than 2021. In contrast, companies reported breaches of several of these emails since 2022. It would seem HIBP is either not up to date, has severe sourcing problems, range restricts its reporting or otherwise seems to have significant limitations on how reliably or complete you can trust at least the recency of its information.
2) I entered several emails that have been dead since 2008 (when I sold the related domain). Breaches were reported on a couple of them in 2017 & 2018. Admittedly, not an error on HIBP's part, but again calls in to question the site's meaningful utility.
3) On the very much plus side, the website FAQ is quite transparent and clearly warns of the need for intelligent human judgement in interpreting it's results. It details how it's automated source extraction & analyses systems are inherently limited. For this I guess I have to give the website itself 3 stars, but the site's reliability and especially seemingly severe date range-restiction regretably force me to leave it as only 2 stars.
4) Regardless of the seeming critique above, I give the website authors/owners a solid 6 stars for the free public service and commend them most highly!

23 April 2024
Unprompted review
Rated 2 out of 5 stars

Was a great site but now useless for security-conscious

Was a great service but since they now want money for more than 10 compromised e-mail addresses it's become a joke. As a single user I have hundreds of e-mail addresses as I use different e-mail addresses for each company I give it to. They want $115/month for this. I've been a user for years so I very much know the value this service used to provide. Now it's useless.

12 March 2024
Unprompted review
Rated 1 out of 5 stars

Site said my Gmail account had been…

Site said my Gmail account had been pawned. My Google account password is huge, and Google said my Gmail account was perfect! Do you trust Google or a
little known, new site, like Have I been Pawned?

10 December 2022
Unprompted review
Rated 1 out of 5 stars

Dont use this site

I entered my email account and confirmed my account had not been hacked. I now receive spam mail, I dont believe its a coincidence, my experience suggests its a dodgy site.

14 October 2022
Unprompted review

The Trustpilot Experience

Anyone can write a Trustpilot review. People who write reviews have ownership to edit or delete them at any time, and they’ll be displayed as long as an account is active.

Companies can ask for reviews via automatic invitations. Labeled Verified, they’re about genuine experiences.

Learn more about other kinds of reviews.

We use dedicated people and clever technology to safeguard our platform. Find out how we combat fake reviews.

Learn about Trustpilot’s review process.

Here are 8 tips for writing great reviews.

Verification can help ensure real people are writing the reviews you read on Trustpilot.

Offering incentives for reviews or asking for them selectively can bias the TrustScore, which goes against our guidelines.

Take a closer look