Credential Breach Checker — Domain Monitor (HIBP) | $3.9/1K
Pricing
from $3.78 / 1,000 breach records
Credential Breach Checker — Domain Monitor (HIBP) | $3.9/1K
Check data breaches for company domains via Have I Been Pwned. Get breach date, pwned count, data classes, verification status. No API key required.
Pricing
from $3.78 / 1,000 breach records
Rating
0.0
(0)
Developer
Vitalii Bondarev
Maintained by CommunityActor stats
0
Bookmarked
1
Total users
1
Monthly active users
3 days ago
Last modified
Categories
Share
Credential Breach Checker — Domain Breach Monitor via HIBP
Check which data breaches have affected your company domains using the Have I Been Pwned (HIBP) public API. No API key, no login, no external accounts required.
Use cases
- Security due-diligence: Before partnering or acquiring, check if a target company's domain has appeared in known data breaches.
- Vendor risk assessment: Audit third-party suppliers and SaaS vendors — did their customer data (potentially including yours) get exposed?
- Breach monitoring for company domains: Check your own or competitor domains for any historical incidents. Understand what data classes were exposed.
- Compliance & incident response: Quickly surface known breach history for any domain as part of a security review or audit trail.
What you get per breach record
| Field | Description |
|---|---|
breach_name | HIBP internal identifier (e.g. Adobe) |
title | Human-readable name (e.g. Adobe) |
domain | Affected domain |
breach_date | Date the breach occurred (YYYY-MM-DD) |
pwn_count | Number of accounts exposed |
data_classes | List of exposed data types (e.g. ["Email addresses", "Passwords"]) |
is_verified | Whether HIBP has verified the breach |
is_fabricated | Whether the breach is suspected to be fabricated |
is_sensitive | Whether the breach is marked sensitive |
disclosure_url | Link to official breach disclosure |
description | Plain-text breach summary |
parse_confidence | high / medium / low |
Sample output
Input
| Field | Type | Description |
|---|---|---|
domains | string[] | Company domains to check (e.g. adobe.com, linkedin.com) |
breachNames | string[] | Optional: fetch specific breaches by HIBP name (e.g. Adobe) |
verifiedOnly | boolean | Skip unverified/fabricated breaches (default: false) |
maxItems | integer | Max total records (default: 100, 0 = no limit) |
Free tier vs. keyed tier
This actor uses free unauthenticated HIBP endpoints — no API key needed, zero buyer friction.
The one HIBP capability that requires a paid key ($3.95/mo) is per-email breach lookup (/api/v3/breachedaccount/{email}). This is not implemented here. If you need email-level breach checking, contact us — we can build a keyed premium tier.
Transport
Headless only: curl_cffi with TLS-impersonation (chrome124) + Apify RESIDENTIAL proxy for rate-limit resilience. No browser, no Playwright.
💰 Pricing & how we compare
Pay-per-result (PPE): see pricing card. You are billed per breach-record actually returned — plus the tiny
apify-actor-start fee Apify waives for short runs. No subscription, no API key, no proxy fee on top.
Our edge: Have I Been Pwned-based breach exposure · domain & breach-name monitoring · risk view · no key required from you.
How rivals price the same job (live Apify Store, checked 2026-06-09)
| Actor | Their price | What they lack vs us |
|---|---|---|
lofomachines/email-breach-checker | $0.05 / email | direct peer — we charm-undercut |
s-r/apifyosintemail | $0.005 / result | king, but broad email-OSINT (not breach-focused) |
mikolabs/email-checker-verifier | $0.01 / result | email verify, requires your own HIBP key |
Prices above are competitors' live Store prices at the time of writing; ours is set to sit just below the strongest comparable while returning richer, quality-scored data.
🤖 Use with AI agents (MCP)
This actor is agent-ready (category MCP_SERVERS). Point any MCP client (Claude Desktop, Cursor, n8n AI, LangGraph) at it:
