How to Check If Your Email Has Been Hacked (2026)
Your email has probably been leaked at least once. Here's how to find out — and what to actually do about it before someone else logs in.

I'll be honest with you — there's a very good chance your email address has already been leaked in a data breach at some point. Not because you did anything wrong, but because the companies you trusted with your data got hacked.
In 2024 alone, billions of email credentials ended up floating around the dark web. Some from massive breaches you probably heard about. Some from smaller ones that never even made the news.
The scary part isn't that your email got leaked. The scary part is when you don't know about it, and someone quietly uses that information against you — logging into your accounts, resetting your passwords, or piecing together enough about you to run a convincing scam.
So let's fix that. I'm going to walk you through exactly how to check if your email has been compromised, what the warning signs look like, and what to do if you find out the answer is yes.
Step 1: Run your email through a breach database
The fastest way to know if your email was involved in a known data breach is to use a tool called Have I Been Pwned. It was created by Troy Hunt, a well-respected security researcher, and it's been the gold standard for this kind of check for years.
Here's what you do:
Go to haveibeenpwned.com, type in your email address, and hit the search button.
Within a few seconds, it'll tell you whether your email appeared in any known data breaches. If it did, it'll show you which ones — including the company name, when it happened, and what kind of data was exposed (passwords, phone numbers, IP addresses, etc.).
Don't panic if you see results. Most people who've been online for more than a few years will show up in at least one breach. What matters is what you do next.
A couple of extra tools worth trying:
- Mozilla Monitor (monitor.mozilla.org) — built on the same data, with a cleaner interface and email alerts
- Google's Password Checkup — built into Chrome, it flags saved passwords that appear in known leaks
I'd suggest running all your email addresses through these. The one you use for shopping, the one for social media, your old Hotmail from 2009 — all of them.
Step 2: Know the warning signs
Sometimes your email gets compromised and there's no dramatic notification. No alarm goes off. But there are patterns you can watch for.
You can't log in anymore. This is the most obvious one. If your password suddenly doesn't work and you didn't change it, someone else probably did.
Emails in your Sent folder that you didn't write. Hackers often use compromised email accounts to spam your contacts. Sometimes they delete the sent emails to cover their tracks, so check your Trash folder too.
Password reset emails you didn't request. If you're getting notifications from services like Netflix, Amazon, or your bank saying "here's your password reset link" — and you didn't ask for one — someone is trying to get into your other accounts using your email.
Your contacts tell you they got weird messages from you. This one's embarrassing but important. If a friend says "hey, did you just send me a link to some crypto site?" — that's a red flag.
Login alerts from unfamiliar locations. Most email providers (Gmail, Outlook, Yahoo) will notify you when someone logs in from a new device or location. If you see a login from a city you've never been to, take it seriously.
Step 3: What to do if your email was breached
Alright, so you found your email in a breach. Or you noticed some of the warning signs above. Here's the playbook — in order of priority.
Change your password immediately. And I mean right now, not after dinner. Use something long and unique. Not your dog's name. Not your birthday. Not "Password123!" which I've seen more times than I'd like to admit. A good password is at least 14 characters and looks like a random mess of letters, numbers, and symbols.
Turn on two-factor authentication (2FA). This is the single most effective thing you can do. Even if someone has your password, they still can't get in without the second factor — usually a code from an app on your phone. Use an authenticator app like Google Authenticator, Authy, or Microsoft Authenticator. Avoid SMS-based 2FA if you can, since SIM swapping attacks can intercept those codes.
Check your email forwarding rules. This one gets missed a lot. Hackers sometimes set up a forwarding rule that silently sends a copy of every email you receive to their own address. In Gmail, go to Settings > Forwarding and POP/IMAP. In Outlook, check Rules and Alerts. Delete anything you don't recognize.
Review connected apps and sessions. Check which devices and apps have access to your email account. In Gmail, scroll to the bottom of your inbox and click "Details" to see recent activity. Revoke access from any device you don't recognize.
Change passwords on other accounts that use the same password. Yeah, I know — you probably reused that password somewhere. Most people do. If the breached password is the same one you use for your bank, your Amazon account, or anything else, change those too. This is exactly why password managers exist, and I'll be covering that in another article.
Step 4: Set up monitoring so you don't get surprised again
One-time checks are good. Ongoing monitoring is better.
Sign up for alerts on Have I Been Pwned. You can register your email address, and it'll notify you automatically if it shows up in a future breach. It's free.
Mozilla Monitor offers a similar service. Set it up once, forget about it, and let it watch for you.
If you're using a password manager like Bitwarden or 1Password, many of them have built-in breach monitoring that automatically flags compromised credentials.
A note from someone who does this for a living
I've spent years in bug bounty programs, poking at systems to find vulnerabilities before the bad guys do. And I can tell you — the way most people get hacked isn't through some sophisticated zero-day exploit or movie-style hacking. It's almost always one of three things:
- They reused a password that got leaked in a breach
- They clicked a phishing link and typed their password into a fake login page
- They never turned on two-factor authentication
That's it. Fix those three things and you're already more secure than 90% of people online.
Your email is the key to your entire digital life. Almost every account you have is tied to it. Treat it like the front door to your house — make sure the lock actually works.
Written by
Adhen Prasetiyo
Professional bug bounty researcher, freelance at HackerOne, Intigriti, and Bugcrowd.