Hackers and malware are constantly changing. There’s always a new data breach, and sadly, a sucker is born every minute. Sure, cybersecurity professionals combat these threats every day, but is that enough to keep our private information safe? Not all hacks are transparent, and anti-malware doesn’t help us sleep better at night. If a hacker is sniffing around, you need to know. Check out these websites to find out if you’re under attack.
Have I Been Pwned is one of the oldest, most popular, and best sites in the game. It works hard to track down breaches, verify them as legitimate, and present the data to keep you informed.
The site greets you with a basic search bar and a list of the latest and most significant breaches. Just type in your email address, and the site will search the breached data and showcase any red flags. You can also search for more sensitive breaches, but only after verifying your email address.
The site provides an option to deep link straight to a particular account, so you can instantly bring up results for one specific email address — great for repeated searches. If you sign up for email alerts, you’ll be notified as soon as your email address is found in a new breach, allowing you to change your password immediately.
Have I Been Pwned is a simple tool that still allows for some customization as needed. Moreover, it’s evident that site runner Troy Hunt genuinely cares about this sort of white hat work, as well as educating users on the dangers of data breaches.
You can read more about Troy Hunt and his thoughts on the business.
BreachAlarm is an alternative to Have I Been Pwned, giving you another place to check for breaches. Along with its free email-checking service, it also has paid-for notification and protective services.
The $30-per-year subscription is probably more than you need, but if you are looking for a service more oriented toward small businesses or large families, you may prefer BreachAlarm and its highly organized approach to data breaches. There’s also no law against checking multiple hack verification sites just to make sure.
DeHashed works similarly to other options on this list, but where they focus on email addresses, DeHashed does more. Want to see if your name appears in hacked lists? You can. The site presents a search bar with options to search for your username, IP address, name, address, phone number, and more.
This tool isn’t as easy to use as some of the others. Some search results will be censored unless you purchase one of three subscriptions. Pricing ranges from $5.49 for a single week to $180 for a 12-month subscription. These paid plans include real-time asset monitoring, multiple asset monitoring, unlimited asset searches, and 24/7 customer support.
Sucuri Security Scanner takes a different approach: It allows you to check an entire site for any sign of bugs, blacklisting, security vulnerabilities, and the presence of hackers. It’s an ideal tool for bloggers and online businesses and should be used alongside other sites that check data for emails and usernames.
Sucuri offers a broader suite of security and malware removal services than most, with fees that reach hundreds per year for the professional options. There’s also an option for a WordPress plugin.
How do these websites work?
Hack search sites are a one-stop shop for collecting data from a variety of secondary sources that hackers typically utilize to find and share illicitly acquired content. These secondary sources — Pastebin, individual leakers, dark web forums — can be nefarious, which makes it very easy for enterprising hackers to access passwords and login info from data breaches and try them out.
In contrast to those secondary sources, hack search sites are a means for regular internet users to find out if any open breaches have actually compromised their personal data. If your information is there, you can then change your login data to protect yourself from future trouble.
Be aware of what site you’re using to keep track of your online security because some illegitimate sites use data mining to get your name, email address, and login information to use in future attempts to commit fraud. Others try tools and features that aren’t well-understood and end up creating even more serious data breaches before abruptly collapsing.
To better explain this situation, check out what happened to the once-popular Pwnedlist.