Have I Been Pwned
E721441
Have I Been Pwned is a widely used online service that lets people and organizations check whether their email addresses or accounts have appeared in known data breaches.
All labels observed (2)
| Label | Occurrences |
|---|---|
| Have I Been Pwned canonical | 2 |
| Have I Been Pwned API | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T8248698 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Have I Been Pwned Context triple: [Maltego, canIntegrateWith, Have I Been Pwned]
-
A.
DashPass
DashPass is DoorDash’s subscription program that offers members benefits like reduced delivery fees and other savings on food and grocery orders.
-
B.
Sucuri
Sucuri is a website security company best known for its malware removal, firewall, and protection services for websites and online businesses.
-
C.
LastPass
LastPass is a popular cloud-based password manager that securely stores and autofills users’ login credentials across devices.
-
D.
Maltego
Maltego is a graphical link analysis and data mining tool widely used in digital forensics and open-source intelligence (OSINT) investigations.
-
E.
John the Ripper
John the Ripper is a widely used open-source password cracking tool designed for security auditing and penetration testing.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Have I Been Pwned Target entity description: Have I Been Pwned is a widely used online service that lets people and organizations check whether their email addresses or accounts have appeared in known data breaches.
-
A.
DashPass
DashPass is DoorDash’s subscription program that offers members benefits like reduced delivery fees and other savings on food and grocery orders.
-
B.
Sucuri
Sucuri is a website security company best known for its malware removal, firewall, and protection services for websites and online businesses.
-
C.
LastPass
LastPass is a popular cloud-based password manager that securely stores and autofills users’ login credentials across devices.
-
D.
Maltego
Maltego is a graphical link analysis and data mining tool widely used in digital forensics and open-source intelligence (OSINT) investigations.
-
E.
John the Ripper
John the Ripper is a widely used open-source password cracking tool designed for security auditing and penetration testing.
- F. None of above. chosen
Statements (53)
| Predicate | Object |
|---|---|
| instanceOf |
data breach notification service
ⓘ
online security service ⓘ website ⓘ |
| accessModel |
free Pwned Passwords API with rate limits
ⓘ
free for individual email searches ⓘ paid commercial API tiers ⓘ |
| countryOfOrigin | Australia ⓘ |
| creator | Troy Hunt NERFINISHED ⓘ |
| dataSource |
credential dumps shared on the internet
ⓘ
data provided by security researchers ⓘ publicly disclosed data breaches ⓘ |
| dataType |
breach metadata
ⓘ
email addresses ⓘ password hashes ⓘ phone numbers ⓘ usernames ⓘ |
| developer | Troy Hunt NERFINISHED ⓘ |
| feature |
Pwned Passwords k-anonymity API
NERFINISHED
ⓘ
RSS and email notifications ⓘ breach directory ⓘ paste data search (historically, now limited/changed over time) ⓘ public API for developers ⓘ search by domain (for verified owners) ⓘ search by email address ⓘ search by phone number (for some breaches) ⓘ |
| inception | 2013 ⓘ |
| notableFor |
Pwned Passwords service
NERFINISHED
ⓘ
large collection of breach records ⓘ popularizing public breach search ⓘ |
| offers |
API access
ⓘ
breach notification service ⓘ domain search for verified domain owners ⓘ email address breach search ⓘ password search (Pwned Passwords) ⓘ username breach search ⓘ |
| operatedBy | Troy Hunt NERFINISHED ⓘ |
| primaryLanguage | English ⓘ |
| purpose |
allow users to check if their accounts appear in known data breaches
ⓘ
help organizations assess exposure in credential dumps ⓘ provide notifications of future data breaches affecting users ⓘ |
| securityPractice |
does not store plain-text passwords
ⓘ
stores password data as hashes in Pwned Passwords ⓘ supports HTTPS-only access ⓘ uses k-anonymity model for password queries ⓘ |
| topic |
data breaches
ⓘ
information security ⓘ password security ⓘ |
| usedBy |
enterprises
ⓘ
governments ⓘ individual internet users ⓘ password managers ⓘ security researchers ⓘ |
| website | https://haveibeenpwned.com ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Have I Been Pwned Description of subject: Have I Been Pwned is a widely used online service that lets people and organizations check whether their email addresses or accounts have appeared in known data breaches.
Referenced by (3)
Full triples — surface form annotated when it differs from this entity's canonical label.