Have I been Pwned?

No that was not a typo. There is a website that has access to data breach information. It is not clear whether it lists all data breaches in the public domain, or a select few of them. The website asks you to enter an email address into the site, it will check through the information it holds and will respond if a match is found. 

I tried one of mine and it returned several results indicating that my email address and an associated password to access an online account is in public circulation. It also shows if your email address is in spam lists as well. 

I have seen two sets of results on data breaches, one indicated your email address exists in a list somewhere that is in circulation, (typically a junk mailing list). You cannot do anything about this. The other case tells you the website and your email AND a password is in circulation. In the latter case you should be concerned about it if you were previously unaware. 

Many people still use the same password in multiple places. If you go to this system, and find your email address and password is in general circulation, you need to check where on what other sites you have used it on. Hackers will try to use the combination on other sites to establish if you hold accounts there.  It is highly likely you cannot remember where you used it. If that is the case you should be able to search through the email account you use and scan through it to see where messages are coming from. If they are from websites you are familiar with, return to them and change your password.

The “Have I Been Pwned” also contains over 517,238,891 compromised passwords as well. I would be cautious about using that feature. 

I will also add here I was a little skeptical when I visited the site, but I put one of my email addresses in I used a few years ago and it came up with data breaches on sites I have formerly used. Equally I made some email addresses up using my domain name, and nothing was returned. So I think the site carries credibility in what it is doing. 

Check out the website here: https://haveibeenpwned.com/