71M Compromised Email Accounts Listed Online, How to Check Yours

Find out if your email address is one of the nearly 71 million in the recent Naz.API data breach dump.

Security researcher Troy Hunt has updated his valuable Have I Been Pwned free data breach notification service with as many as 71 million email addresses linked to hacked accounts.

The hijacked details were leaked online as part of the Naz.API dataset, which is a collection of over one billion user credentials stolen in previous data breaches and by malware tools.

Hunt said that the dataset was made available to him by a big name tech firm, after which he was able to add it to his database. The good news is this means you can now check if any of your compromised information was made public in the massive Naz.API data dump.

What is the Naz.API Dataset and Why Should You Care?

The Naz.API dataset is a collection of over a billion user details stolen by cybercriminals in previous data breaches and malware campaigns.

It’s particularly worrying because it contains countless login and password pairs that can be used in “credential stuffing” attacks, whereby previously hacked details are used to gain access to new accounts.

 

About Tech.co Video Thumbnail Showing Lead Writer Conor Cawley Smiling Next to Tech.co LogoThis just in! View
the top business tech deals for 2024 👨‍💻
See the list button

Of course, you needn’t really worry about credential stuffing attacks affecting you if you use unique passwords on all your accounts. This is one of the main reasons we recommend password managers so highly, as they make the process easy.

How to Check if Your Email Address Leaked in the Naz.API Dump

To check if your email address is linked to the Naz.API dataset, all you need to do is go to the Have I Been Pwned website as mentioned above.

There, you simply enter the email address (or addresses) you want to scan for association with known data breaches and leaks. You can even use its notification service to warn you if you’ve been compromised in the future.

The service has been around for over 10 years and was set up in the wake of the massive Adobe hack in 2023. Here’s a little more about it, so you know you can trust it.

Screenshot of stolen credentials from Naz.API dataset

Image credit: Troy Hunt via Bleeping Computer

What is Have I Been Pwned and Is It Reliable?

Have I Been Pwned is a long-standing data breach checking service. “Pwned” is old school gamer slang for “owned” and is therefore associated with being compromised online.

Its purpose is simple: to let you know if you’ve been hacked and your details compromised, so you change them in good time on other accounts. Essentially, it’s a massive database of hacked credentials, so when you put in your email address, a few seconds later it tells you if that account is linked to any known data breaches, dumps or other leaks.

It was set up by infosec veteran Troy Hunt, who’s also a regional director at Microsoft, as a way to help fight back against the inevitability that people re-use passwords across multiple accounts – or use weak, easily hackable passwords to begin.

We all do it, even though we know we shouldn’t, but with Have I Been Pwned at least you get a heads up so you can try and remedy things before it’s too late. You can also test your password strength for free, to see how vulnerable you may be to bad actors.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
James Laird is a technology journalist with 10+ years experience working on some of the world's biggest websites. These include TechRadar, Trusted Reviews, Lifehacker, Gizmodo and The Sun, as well as industry-specific titles such as ITProPortal. His particular areas of interest and expertise are cyber security, VPNs and general hardware.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals