Submitted by Fred Straker on
A long time ago, the Apple ID was like any other username. But nowadays Apple requires all Apple IDs to be verifiable email addresses. Since everyone's Apple ID is an email address, many of these have been found in data breaches and leaked online. While your actual iCloud or iTunes accounts may not be compromised, the email address you use for your Apple ID could have leaked along with billions of other account records.
Giant collections of stolen account data have been dumped online, ready for shady characters to exploit for nefarious purposes. How can one check to see if their email address, phone number, name or other personal data has been compromised?
There are two services that have compiled all of the leaked information and provide free search tools. To check if your Apple ID or other email addresses have been leaked, use one of these tools:
Hasso-Plattner Institute
Enter an email address and the HPI Identity Leak Checker will search its database, then email the result. HPI delivers instructions on how to protect your compromised accounts, along with a list of any accounts or personal information tied to a leaked email address.
Have I Been Pwned?Have I Been Pwned has a similar interface, which checks the email address entered against its collection of data breaches. Instead of emailing the results, Have I Been Pwned shows any leaks associated with the address directly on its web page. Users can also sign up for notifications, which means Have I Been Pwned will send an alert if the email address appears in future data breaches.
Tips for better security
Newest iPhone FAQs
When it comes to securing your account, make sure to activate two-factor authentication for your Apple ID. In fact, this step should be taken with any online service that provides the option.
If your Apple ID or another email address has been leaked, immediately change your passwords as well. Here are some instructions on adding two-factor authentication (2FA) to different services:
Always use unique, strong passwords for each account, and consider using a password management app like 1Password to help keep track of everything.