Sign up for data breach alerts
Register your email address on Have I Been Pwned (haveibeenpwned.com) to receive free alerts if your details appear in a future data breach. You will hear about it before an attacker tries to use it.
Why this matters
When a website is breached, attackers often obtain email addresses and passwords and then try those credentials on banking, email, and social media accounts in a technique called credential stuffing. Being alerted as soon as your email appears in a breach gives you time to change passwords and secure accounts before an attacker tries them.
How to do it
- Go to haveibeenpwned.com.
- Enter your primary email address in the search box to see if it has already appeared in any known breaches.
- If any breaches are shown, change the password for the affected service immediately — especially if you reused that password elsewhere.
- Click 'Notify me' and register your email address to receive future breach alerts.
- Repeat for any secondary email addresses you use for important accounts.
Cyber Essentials framework
This task falls under the User Accesscontrol — one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment.
Track your full security score — free
Create a free account to check off tasks, see your Security Score, and build toward Cyber Essentials alignment.
Start your free security check