What Is a Data Breach? Have You Been Affected By a Leak?

Janis von Bleichert

The best protection against danger online is common sense. However, even if you do everything right, it's still possible to fall victim to cybercriminals, through no real fault of your own. One way that this can happen is through so-called data breaches / data leaks.

What Is a Data Breach?

Data leaks occur when private data, which you've saved with services or businesses online, is made public. This typically happens as a result of criminal activity, such as a hacker attack, but can also come about if a business or service doesn't exercise enough care or vigilance. Unprotected databanks are often weak points that are exploited in a stunningly efficient manner by cybercriminals.

Once a cybercriminal has gained access to your data, they can unleash a world of hurt, particularly in regards to the following:

Usernames and passwords
Larger companies don't typically save passwords in plain text, but rather as hashes. However, even though strong hashes do offer a considerable amount of security, weaker ones can be cracked, to say nothing of those services which save passwords in plain text. With such login information, cybercriminals can start credential stuffing, or using those same username/password combinations on other services in the hopes of prying them open.

Email addresses
If your email address winds up in the wrong hands, it can see your inbox suddenly become full of spam or extortion emails.

Personal information
Of course, there is also a range of other personal data that cybercriminals can misuse, such as your home address, birthday, or phone number. With this, it's possible to steal someone's identity and engage in all sorts of fraud online.

Data leaks have impacted some of the biggest names online, from AOL (2004), to Yahoo (2014), to Facebook (2018). The last of these lost access tokens for around 50 million users, providing attackers with the means to glean entry to both profiles as well as private information.

Has My Data Been Leaked?

Especially when larger data breaches are made public, they quickly fill up the headlines, since they impact millions of people. Once the datasets start to appear on Internet forums, there are a number of services that save and integrate them into databases. These can then be queried, to see if your email address is included.

On Have I Been Pwned it's possible to ascertain whether you've been an unknowing victim of a data breach in just a matter of seconds. After entering your email address, the service will tell you not only if your email has been compromised, but also as part of which leaks.

HPI Identity Leak Checker
The Hasso-Plattner Institute's Identity Leak Checker uses your email address to determine if personal data (such as your address, birthday, or phone number) has been publicized online. After entering your email address, you'll receive a table that shows you when your account has been compromised, and which personal data associated with it was likely made off with.

What To Do if Your Data Has Been Leaked?

Password lists that have been publicized online are often used for credential stuffing. If your email account has been part of a data breach, you should therefore not only change the password with the service directly impacted but also for any other service using the same password.

To be on the safe side, it's also a good idea to have a different password for every online service that you create an account with. To save you the work that this would entail, you can use a password manager. In our EXPERTE.com evaluation, we took a closer look at 12 of the most popular providers on the market, to help you find the solution that best meets your needs.

For phishing, spam, or extortion emails, there's not much to do besides ignoring them, unless you want to create a new email address.


Data breaches have existed since the Internet first came into being, and unfortunately, don't look like ceasing any time soon. Luckily, in dedicated online databanks, you can find out if you've been impacted and take the necessary steps to shore up your digital defenses.

Secure and unique passwords are the best protection against cybercrime arising from data leaks. To help in creating and staying on top of these, we at EXPERTE.com recommend using a password manager.

Author: Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of EXPERTE.com. He writes about hosting, software and IT security.
Other languages:
Deutsch Français 
More about IT-Security
Cyber Attacks - 3 Current Threats and Countermeasures
HDD and SSD - How to Safely Wipe Your Hard Drive
Phishing: Recognizing the Threat
Data Theft: What Is It? How Can I Protect Myself?
Best Password Manager - 12 Tools Reviewed
How To Remove Junk Files From Your Windows PC
VPN Leak Test - Is Your Private IP Public?
Browser Fingerprinting - What Is It and How Can I Protect Myself?
Best VPN - Review of 22 VPN Providers
Internet Censorship - Site Blocked in China, Russia or Turkey?
Password Generator - Generate a Secure Password
Browser Privacy Check - Which Traces Do I Leave on the Web?
Password Checker - How Secure Is My Password?
Darknet - What Is It and How Can I Access It?
Internet Pitfalls - The 7 Biggest Dangers Online
Data Recovery - Restoring Deleted Files
Secure Messengers - The 5 Best Alternatives to WhatsApp
Anonymous Search Engines - 3 Alternatives to Google
Doxing - What It Is and How You Can Protect Yourself
Privacy Browsers: The Best Browsers for Maximum Security
Two-Factor Authentication - This is how you secure your accounts
Ad Blocker - How to Protect Yourself From Annoying Ads
Secure Password - What Makes a Strong Password?
Do Not Track - What It Is and How It Can Protect You
Manage Passwords - Best Way to Store Passwords
Anonymity Online: Tor and the Tor Browser
Identity Theft on The Web – How To Protect Yourself
Best Cloud Backup - 7 Online Backup Providers Reviewed
Best Antivirus Software - 11 Programs Reviewed
How To Change Your IP Address - 3 Simple Ways
Email hacked? How To Find Out if Your Email Has Been Hacked
Anonymous Browsing - How to Surf Anonymously Online
Hide IP - How to Hide My IP Address