HIBP Subscription

The vast majority of services in HIBP are completely free, including personal email address searches and notifications, most domain searches and all searches of Pwned Passwords. Only searches of larger domains and using the API to search email addresses require a paid subscription.

What Do We Offer

Domain Search

The Domain Search feature allows verified domain owners to query all email addresses from their domain that have appeared in known data breaches.

After verifying domain ownership (typically via DNS or file upload verification), the owner can receive breach notifications for their users, monitor ongoing exposure, and optionally configure alerts for future breaches.

API

The HIBP API provides programmatic access to breach data, allowing developers and security teams to check whether specific email addresses, usernames, or passwords have been exposed in known breaches.

The API supports services like password reuse prevention, proactive breach monitoring, and secure user notifications—without ever exposing raw breach data.

Save up to 16% with annual billing

Pwned 1

10RPM
$3.95
per month

Pwned 2

50RPM
$19
per month

Pwned 3

100RPM
$32
per month

Pwned 4

500RPM
$137
per month

Pwned 5

1000RPM
$274
per month

Enterprise

Custom
Custom
pricing

High-Performance Tiers

For organizations requiring higher API throughput, our Ultra tiers provide enhanced capabilities. All plans include unlimited domain sizes and access to stealer logs.

Plan API Rate Price
Pwned Ultra 1
Unlimited domains, includes stealer logs
4,000 RPM
$995
per month
Subscribe
Pwned Ultra 2
Unlimited domains, includes stealer logs
8,000 RPM
$1,850
per month
Subscribe
Pwned Ultra 3
Unlimited domains, includes stealer logs
12,000 RPM
$2,750
per month
Subscribe

Need even higher rate limits? Contact us for custom enterprise solutions.