How to check if your account's been hacked

Here's how to check if you've been put at risk:

• Go to  HaveIBeenPwned? and enter your email address. Use any address you're concerned may have been hacked – for example, the one you usually log in to LinkedIn with. 

• It'll tell you if your account's been hacked. You'll be shown a list of breaches you were 'pwned' in, with some background info on the hack, plus what data was compromised – eg, email address, password, date of birth, etc. 

How does it work? Once data following a breach becomes publicly available online, the site's owner locates it and uploads it to the HaveIBeenPwned? database where it's made searchable. Passwords and sensitive data aren't stored on the site – only email addresses or usernames which are used to identify whether a user's account details were stolen.

What about 'sensitive' sites? Results for data breaches at a few 'sensitive' sites such as infidelity website Ashley Madison aren't publicly searchable. You can still check if you've been affected, but to do so you'll need to put in your email address then check your email. This ensures only someone with access to the email address concerned can check if it was listed on that site. 

If my details aren't on there does that mean I haven't been hacked? No – the website won't tell you everywhere you may have had data stolen from, so you still need to be vigilant. The site itself acknowledges it only has "a small subset of all the records that have been breached over the years".

Is it legit? We've checked the site out and it's well known by industry experts – the head of Government-backed online safety resource Get Safe Online says it's a "stark reminder to many" of the need to protect yourself online, while it's been featured by the BBC and praised by leading tech sites such as Wired and Vice magazine's Motherboard. HaveIBeenPwned? was set up in 2013 by the Australian web-security specialist Troy Hunt, who has been recognised by Microsoft for his work.