have i been pwned?

pwned” derives from the word “owned” (intentionally misspelled) and its used to indicate that you’ve been controlled or compromised, typically as in

I was pwned in the Twitter data breach

A data breach is where data has been exposed either intentionally or by accident from a system that that has been accessed through security weaknesses.

Targets for data breaches are often email addresses and passwords used to login to accounts that you have used across the internet. If you discover your account has been compromised you should take appropriate action such as changing your passwords.

There is a useful website that you can use to check whether your email address has been compromised at “have i been pwned?


The free-to-use website was created by Troy Hunt as a free resource to determine if a user has had their account details compromised (pwned) in a data breach.

There is a FAQ page available that provides further information about the site.


To check whether your email address appears in a breach simply enter it in the field on the home page. A list of websites that had breaches where your details were obtained is displayed and it is advisable to change the password used in the companies where the data breach occurred. The list also includes further details of the data that was accessed.

A list of preached websites, and included on haveibeenpwned.com are available at


It has often been said that “The only secure password is the one you can’t remember” so it is worthwhile considering a password manager such as 1Password or LastPass to improve your online security.

A password manager is an easy way to store and use strong passwords and log in to sites across different platforms (including Windows, MacOS, Linux and mobile devices).

Find out more at