Leak-Lookup
An online tool that allows you to search across public data breaches to surface credentials that may have been compromised.
Last updated
Was this helpful?
An online tool that allows you to search across public data breaches to surface credentials that may have been compromised.
Last updated
Was this helpful?
Was this helpful?
Leak Lookup is an online tool and database search platform that allows users to check whether their personal information, such as email addresses, usernames, or passwords, has been exposed in data breaches. By entering a query, users can search its database of leaked data to identify if their information has been compromised.
Leak Lookup's collection appears to contain publicly available databases from web applications and services that have been breached, leaked or scraped as well as collections of credentials or personally identifiable information (PII) such as Collection 1. For each "breach", users are able to see the data types that have been exposed such as email address, username, full name, cleartext or hashed password.
As of April 2025, Leak-Lookup also has the following API offerings:
Search: The "search" API is designed to provide a simple and easy to use endpoint for end-users to search across all indexed breaches. Users can search by types of indicators such as email address, username, IP address, phone number, domain etc.
Hash: The "hash" API is designed to provide hash-cracking capabilities for end-users, meaning a user can submit a hashed value of a password and the API endpoint will return the cleartext value of the password if the hash has been "cracked."
Stat: The "stats" API is used to retrieve information relating to the current API key, this includes information such as the current request limits, daily request limits etc.
Leak-Lookup's collection of data appears comprehensive compared to other similar tools such as HaveIBeenPwned (HIBP): as of February 2025, Leak-Lookup has approximately 27 million total records from 4,416 breaches while HIBP has approximately 14 million records from 864 websites. It should be noted that despite the larger number of records and "breaches" that Leak-Lookup has, the service appears to count every data field from a breach or leak as one record, while HIBP's record count is based on the number of accounts that have been compromised (which often involves multiple data fields). Additionally, HIBP has a unique working relationship with law enforcement entities, specifically the FBI, and security researchers. As such, there have been times when the service was given exclusive access to compromised data by law enforcement partners (including an ongoing general partnership with the FBI established in 2021) and security researchers, such as data from People Data Labs (PDL) which was discovered by researchers Vinny Troia and Bob Diachenko.
As of March 2025, the pricing information for credits are as follows:
20 credits for $10
50 credits for $20
140 credits for $50
300 credits for $100\
Users must register an account to conduct searches; account registration is free of charge.
A subscription to the service is needed in order to view the full breach details for any given record. Without a subscription, API keys have limitations on how many API calls a user can make — approximately 10 API calls per day per user. The public (i.e. free) API keys are also restricted to returning only the breach names for searched queries.
Leak-Lookup has a general support documentation and a FAQ page here.
Leak-Lookup has documentation on API capabilities here: search, hash, stat.
Leak-Lookup, location unknown.
Leak-Lookup can be reached at info(at)leak-lookup.com or on X, the social media platform formerly known as Twitter,
hande
