By starting a scan, you confirm you have the right to check this address.
Dark Monitor lets you find out — privately — whether your email address has been exposed in known data breaches, dark-web dumps and infostealer (“stealer”) malware logs. Billions of leaked credentials circulate across underground markets and combo lists; checking yours is the fastest way to know which passwords to change before someone else does.
Unlike a typical breach checker, your address never reaches our servers in readable form. It is cryptographically blinded in your browser with an Oblivious Pseudorandom Function (OPRF); our server applies its secret key without ever seeing your email, and only the resulting token is matched against our breach index. Nothing is stored in plaintext — not your email, not your IP address.
Our index is continuously updated from third-party breaches, dark-web data and stealer logs; the newest additions appear in “Last updates”. This service covers personal mailboxes (Gmail, Outlook, Proton, iCloud, Yahoo and more) — corporate domains and team monitoring are handled by a separate PWN-ALL service.
Reused and leaked credentials are the number-one way accounts get taken over. Knowing where your email has surfaced lets you change exposed passwords before anyone else uses them.
Against a continuously updated index built from dark-web dumps, stealer-malware logs and third-party breaches. The most recent sources appear under Last updates; the full index is far larger.
Your email never leaves your device in the clear. It is blinded with a random mask, then sent to the server, which applies its secret key without ever seeing your address (an Oblivious PRF). You remove the mask locally to get a token, and only that token is matched against the breach database. Nothing is stored in plaintext.