Your Email Was in a Data Breach - Now What?
You just found out your email address was involved in a data breach. Maybe you got a notification from the breached service. Maybe you checked Have I Been Pwned. Either way, your first reaction is probably a mix of anger and anxiety.
Take a breath. A breached email address is not the end of the world — but it does require action. Here is exactly what to do, in order of priority.
Immediate actions (do these now)
1. Change the password on the breached service
If the breach included passwords (even hashed ones), change your password on that service immediately. Use a strong, unique password — at least 16 characters, generated by a password manager.
2. Change the password everywhere you reused it
This is the big one. If you used the same password on the breached service and on other accounts, change it everywhere. Attackers know people reuse passwords — the first thing they do with breach data is try your email + password combination on hundreds of other services (this is called credential stuffing).
If this feels overwhelming, prioritize:
- Email account — If they get into your email, they can reset every other password
- Banking and financial services
- Cloud storage (Google Drive, Dropbox, iCloud)
- Social media
- Everything else
3. Enable two-factor authentication
On every account that supports it, especially your email. Even if an attacker has your password, 2FA blocks them. Use an authenticator app (Google Authenticator, Authy, 1Password) — not SMS, which can be intercepted via SIM swapping.
4. Watch for phishing
After a breach, expect targeted phishing emails. Attackers now know you use that service and may send convincing fake emails asking you to "verify your account" or "reset your password." Never click links in these emails — go directly to the service website by typing the URL.
Short-term actions (this week)
5. Get a password manager
If you are not already using one, now is the time. A password manager (1Password, Bitwarden, etc.) generates unique passwords for every account and remembers them for you. This eliminates password reuse — the single biggest risk factor in breach aftermath.
6. Check what else is exposed
Visit Have I Been Pwned and enter your email address. It will show every known breach your address has appeared in. You may find breaches you did not know about — repeat steps 1–3 for each one.
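Have I Been Pwned also lets you check a password itself against its breach corpus without ever sending the password, which goes a step beyond the email lookup described above. The following is an added example, not code from this page or from Have I Been Pwned: it implements the k-anonymity scheme the Pwned Passwords range endpoint uses (hash the password with SHA-1, send only the first five hex characters, match the remaining 35 locally against the returned `SUFFIX:COUNT` list). The `SAMPLE_RESPONSE` below is constructed for the example, with made-up counts, so the parsing and matching run offline; `fetch_range` is the optional live lookup and its `User-Agent` string is an arbitrary label chosen here.

```python
import hashlib
import urllib.request
from typing import Dict, Tuple

PWNED_RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """Only the first five hex characters of the SHA-1 ever leave the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse 'SUFFIX:COUNT' lines. With Add-Padding the server mixes in zero-count filler
    lines so the response size does not reveal how many real matches a prefix has; drop them."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        suffix, _, count = line.partition(":")
        if not count.strip().isdigit():
            continue  # malformed line: skip it rather than trust it
        n = int(count)
        if n > 0:
            counts[suffix.strip().upper()] = n
    return counts


def breach_count_from_response(password: str, body: str) -> int:
    """Match the local 35-character suffix against the returned list; 0 means not found."""
    _, suffix = sha1_prefix_suffix(password)
    return parse_range_response(body).get(suffix, 0)


def fetch_range(prefix: str) -> str:
    """Live lookup (network). Sends the 5-character prefix only and asks for padded output."""
    req = urllib.request.Request(
        PWNED_RANGE_URL + prefix,
        headers={"Add-Padding": "true", "User-Agent": "breach-checklist-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def breach_count(password: str) -> int:
    """Convenience wrapper: prefix query over the network, suffix match locally."""
    prefix, _ = sha1_prefix_suffix(password)
    return breach_count_from_response(password, fetch_range(prefix))


# Constructed sample response for prefix 5BAA6, the prefix of SHA-1("password").
# The counts are invented for this example; the real service returns current figures.
SAMPLE_RESPONSE = """\
0018A45C4D1DEF81644B54AB7F969B88D65:0
1E4C9B93F3F0682250B6CF8331B7EE68FD8:12345
21BD12DC183F740EE76F27B78EB39C8AD97:3
"""

if __name__ == "__main__":
    print(breach_count_from_response("password", SAMPLE_RESPONSE))  # 12345 in the constructed sample
    # Uncomment for a live check of a password you are about to retire:
    # print(breach_count("some-password-you-are-checking"))
```

The point of the split is that a SHA-1 prefix matches on the order of hundreds of real password hashes, so the service learns nothing usable about which one you hold, while you still get an exact answer. A non-zero count is a reason to change that password everywhere it was reused, which is exactly step 2 above.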
7. Review your active accounts
Go through your password manager or email inbox and identify accounts you no longer use. Delete them. Every active account with your email is a potential future breach vector. Close what you do not need.
Long-term strategy (prevent future damage)
8. Switch to email aliases
This is the most impactful change you can make. Instead of using your real email address for every service, create a unique alias for each one.
Why this matters after a breach:
- Isolation — If "shop-amazon@cleanbox.me" gets breached, your real address is not exposed. Only the alias is in the breach database.
- Instant response — Disable the compromised alias and the damage is contained. No password changes needed on other services.
- Attribution — You know exactly which service was breached because each one uses a different alias.
Start migrating your most important accounts to aliases now. Every account you move is one fewer attack vector.
9. Set up breach monitoring
Have I Been Pwned offers free email notifications for future breaches. Enable it for your real email address and your most important aliases.
10. Use Shield for sensitive accounts
For aliases connected to financial services or healthcare, enable Gatekeeper mode. Only approved senders can email that alias. Even if the alias leaks in a breach, unknown senders are automatically rejected — phishing attempts bounce.
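The three alias properties from step 8 (isolation, instant response, attribution) and the Gatekeeper allowlist from step 10 are easiest to see as one small routing policy. The following is an added example, not code from this page or from the Shield/Cleanbox product: a hypothetical `AliasBook` that maps each alias to the service it was issued for, routes inbound mail (deliver, or reject because the alias is disabled, the sender is not on the alias's allowlist, or the alias does not exist), and, given a list of addresses that appeared in a breach dump, names the services responsible. The domain `cleanbox.me` is taken from the page's own alias example; the service names, sender addresses and the `"@domain"` allowlist convention are constructed for the illustration.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Set


def normalize(addr: str) -> str:
    """Email addresses compare case-insensitively for our purposes; trim stray whitespace too."""
    return addr.strip().lower()


@dataclass
class Alias:
    service: str
    enabled: bool = True
    # None means open (any sender). A set means Gatekeeper mode: only full addresses, or
    # "@domain" entries, listed in the set may deliver; everything else is rejected.
    allowed_senders: Optional[Set[str]] = None


class AliasBook:
    def __init__(self, domain: str):
        self.domain = domain.lower()
        self.aliases: Dict[str, Alias] = {}

    def address(self, local: str) -> str:
        return f"{local.lower()}@{self.domain}"

    def add(self, local: str, service: str, gatekeeper: Optional[Iterable[str]] = None) -> str:
        """Issue one alias per service. Pass an allowlist to enable Gatekeeper mode."""
        allowed = {normalize(s) for s in gatekeeper} if gatekeeper is not None else None
        addr = self.address(local)
        self.aliases[addr] = Alias(service=service, enabled=True, allowed_senders=allowed)
        return addr

    def disable(self, local: str) -> None:
        """Instant response: the leaked alias stops delivering; nothing else changes."""
        self.aliases[self.address(local)].enabled = False

    def route_inbound(self, to_addr: str, from_addr: str) -> str:
        """Decide what happens to one inbound message, most restrictive check first."""
        to_addr, from_addr = normalize(to_addr), normalize(from_addr)
        alias = self.aliases.get(to_addr)
        if alias is None:
            return "reject:no-such-alias"
        if not alias.enabled:
            return "reject:disabled"
        if alias.allowed_senders is not None:
            sender_domain = "@" + from_addr.rsplit("@", 1)[-1]
            if from_addr not in alias.allowed_senders and sender_domain not in alias.allowed_senders:
                return "reject:unknown-sender"
        return "deliver"

    def attribute_breach(self, leaked_addresses: Iterable[str]) -> Dict[str, str]:
        """Attribution: which of our aliases appear in a breach dump, and which service each belongs to."""
        hits: Dict[str, str] = {}
        for raw in leaked_addresses:
            addr = normalize(raw)
            if addr in self.aliases:
                hits[addr] = self.aliases[addr].service
        return hits


def demo() -> Dict[str, str]:
    """Constructed scenario: a shopping alias leaks, a bank alias is gatekept."""
    book = AliasBook("cleanbox.me")
    book.add("shop-amazon", "Amazon")
    book.add("bank-acme", "Acme Bank", gatekeeper={"@acmebank.example"})
    # Constructed breach dump: one of our aliases, a stranger's address, our real mailbox.
    leaked = ["SHOP-AMAZON@cleanbox.me", "someone-else@cleanbox.me", "me@mail.example"]
    hits = book.attribute_breach(leaked)
    for addr in hits:
        book.disable(addr.split("@")[0])  # contain it without touching any other account
    return hits


if __name__ == "__main__":
    print(demo())  # {'shop-amazon@cleanbox.me': 'Amazon'}
```

Because the real mailbox never appears in any service's database, a breach can only ever leak an alias, and the alias table tells you immediately which service lost it. The Gatekeeper branch is what turns "the alias leaked" into "phishing to it bounces": mail from anyone but the bank's own domain is rejected before it reaches you.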
What NOT to do
- Do not ignore it. "It is just an email address" ignores the cascade risk. Breach data is combined with other breaches to build complete profiles.
- Do not create a new email address and abandon the old one. You will just repeat the cycle. Fix the underlying problem (password reuse, no aliases) instead.
- Do not pay for "dark web monitoring" services. Most just check Have I Been Pwned (free) and add a markup. Use the free tools directly.
- Do not reply to "your data has been compromised" emails from unknown senders. These are often phishing attempts exploiting breach anxiety.
The bigger picture
Data breaches are not going away. The question is not if your email will appear in a breach — it is how many breaches. The goal is to make each breach as inconsequential as possible:
- Unique passwords — A breach on one service cannot cascade to others
- 2FA everywhere — A leaked password alone is not enough to access your account
- Unique aliases — A leaked alias can be disabled without affecting your real address
- Minimal active accounts — Fewer accounts means fewer breach opportunities
You cannot prevent breaches at companies you use. But you can make sure a breach does not ruin your day.