Configure Dark Web - HaveIBeenPwned?

Check your accounts against HaveIBeenPwned?'s list of compromised emails and domains


HaveIBeenPwned? is an aggregation site which keeps a list of known hacks and credential compromises.  As part of its service, you can search specific email addresses or domains to see if they are part of a known hack. 

Required Permissions

HaveIBeenPwned? data is available with an API Key, available here.  Due to rate-limiting on the API, only one API Key is needed if you intend to monitor fewer than 43,000 email addresses.

Gather Set Up Information

  1. Get an API Key from HaveIBeenPwned?

How to Set Up and Connect

  1. Login to RocketCyber dashboard and go to the Integrations menu
  2. Go to Dark Web, then find the Pwn'd Monitor 
  3. Enter your API Key in the HIBP-api-key field
  4. RocketCyber will automatically monitor all email addresses associated with your RocketCyber dashboard
    1. This includes all O365 addresses; the email associated with all users; and any emails provided for billing, SOC notification, or reporting purposes
    2. Any additional emails you wish to monitor can be entered below the API Key
  5. Add any domains to monitor if desired
  6. Click Authenticate to connect

Emails associated with an existing organization will be mapped automatically.  

If you add additional email addresses, please add them to the appropriate organization's tab.  This will determine where detections are routed.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section