Cybersecurity | 8 min read | By Mehadi Shawon

What Is a Data Breach? What To Do If You're Affected (2026)

Learn what a data breach is, famous examples, how to check if your data was leaked, and exactly what steps to take to protect yourself after a breach.

Quick answer


A data breach is an incident where unauthorised individuals gain access to private, sensitive, or confidential data such as emails, passwords, names, addresses, or payment details. Breaches typically happen through stolen credentials, phishing, SQL injection, malware, insider threats, or misconfigured cloud storage.

In 2024, a single database called RockYou2024 exposed 10 billion passwords. In 2021, LinkedIn leaked 700 million user records. Chances are, your email address and password have already appeared in at least one breach. Here's what that means — and exactly what to do about it.

What Is a Data Breach?

A data breach occurs when unauthorised individuals gain access to private, sensitive, or confidential data. Exposed data typically includes email addresses, passwords (hashed or in plain text), names, phone numbers, credit card numbers, and home addresses.

Data breach vs data leak: a breach is usually caused by an external attack; a leak is usually caused by accidental internal exposure. The terms are often used interchangeably.


How Data Breaches Happen

  • Stolen credentials — phishing or credential stuffing using passwords from other breaches.
  • SQL injection attacks exploiting poorly coded databases.
  • Malware planted on company servers.
  • Insider threats — malicious or negligent employees.
  • Misconfigured cloud storage — e.g. public S3 buckets with private data.
  • Third-party vendor breach — Target was famously breached in 2013 via an HVAC contractor.

Famous Data Breaches — Real Examples

  • RockYou2024 (2024) — 10 billion passwords compiled from many breaches.
  • National Public Data (2024) — 2.9 billion records including US Social Security numbers.
  • LinkedIn (2021) — 700 million user profiles scraped and leaked.
  • Facebook (2021) — 533 million users' phone numbers and emails leaked.
  • Yahoo (2013–2014) — 3 billion accounts, still the largest breach in history.

How to Check If Your Data Was Breached

HaveIBeenPwned.com is the gold standard — enter your email and it shows every known breach containing it. Free. Google Password Manager and most modern password managers (Bitwarden, 1Password) also flag saved passwords that have appeared in known breaches.


What To Do After a Data Breach

  1. Find out what data was exposed — check the breach notification or HaveIBeenPwned.
  2. Change the password immediately on the breached account, and on every other account that shared it.
  3. Enable two-factor authentication on the affected account.
  4. Watch for suspicious emails, messages, or account activity — attackers use breached data for targeted phishing.
  5. If financial data was exposed, notify your bank, monitor statements, and consider a credit freeze.
  6. If your SSN or government ID was exposed, report it to the relevant authority (FTC in the US, Action Fraud in the UK).

Why Breached Passwords Are Dangerous Even If Hashed

Most breached databases store hashed passwords, not plain text. But weak or common passwords (123456, password, qwerty) can be cracked from those hashes in seconds using rainbow tables.

Strong unique passwords (16+ random characters) are effectively impossible to crack from hashes. That's why unique passwords for every site matter — credential stuffing uses breached passwords to try logging into other sites.
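Why a hash alone does not protect a common password, as an added example (not from the original article). A plain precomputed dictionary stands in for a rainbow table, which is a space-optimised form of the same idea; the password list, user names and "breached" tables are constructed sample data.

```python
import hashlib
import os
import secrets
import string

# Constructed sample list standing in for a real common-password dictionary.
COMMON = ["123456", "password", "qwerty", "letmein", "iloveyou"]

def fast_hash(pw: str) -> str:
    """Unsalted SHA-256: the same password always yields the same hash."""
    return hashlib.sha256(pw.encode()).hexdigest()

def salted_hash(pw: str, salt: bytes, rounds: int = 100_000) -> str:
    """PBKDF2 with a per-user salt: same password, different hash per user."""
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds).hex()

# Precomputed once, reusable against any dump that used fast_hash().
LOOKUP = {fast_hash(p): p for p in COMMON}

def exposed_by_table(dump: dict) -> dict:
    """Users whose stored hash appears in the precomputed table."""
    return {user: LOOKUP[h] for user, h in dump.items() if h in LOOKUP}

def random_password(length: int = 16) -> str:
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))

def demo():
    # Constructed "breached" tables; carol uses a 16-character random password.
    unsalted = {
        "alice": fast_hash("qwerty"),
        "bob": fast_hash("123456"),
        "carol": fast_hash(random_password()),
    }
    salted = {
        "alice": salted_hash("qwerty", os.urandom(16)),
        "bob": salted_hash("123456", os.urandom(16)),
    }
    # A salt only defeats the shared table; a weak password can still be
    # guessed per user, so it does not replace a strong unique password.
    return exposed_by_table(unsalted), exposed_by_table(salted)

if __name__ == "__main__":
    print(demo())
```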

How Companies Should Respond to Breaches

Under GDPR, companies must notify affected users within 72 hours of discovering a breach. Many still fall short. Expect a notification email, advice to change passwords, and sometimes a free credit monitoring offer. Slow notification, vague communication, and no clear guidance are red flags of poor breach handling.


Frequently Asked Questions

How do I know if my data has been breached?

Visit HaveIBeenPwned.com and enter your email address. The free service checks your email against billions of known breached records. Many modern browsers and password managers also alert you when a saved password appears in a known breach.

What should I do immediately after a data breach?

Change the password on the breached account immediately, then change the same password on every other account where you used it. Enable two-factor authentication on the affected account and monitor it for suspicious activity.

Is it dangerous if only my email address was leaked?

Your email alone enables targeted phishing and spam. The real danger is if your password was also exposed — that combination allows attackers to attempt to log in to your accounts directly, or use credential stuffing on other sites.

Can a data breach affect my credit score?

A breach alone doesn't directly affect your credit score. However, if breached data is used to open fraudulent accounts in your name, that could damage your credit. A credit freeze prevents new accounts being opened without your consent.

What is credential stuffing?

Credential stuffing is when attackers take usernames and passwords from a breach and automatically try them on hundreds of other websites. Since many people reuse passwords, this is highly effective. The defence is a unique password for every account.
