Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Password breach report question
Hi
I saw some recent massive breach news on the websites but I couldn't find a single breach entry on Watchtower reports. Does this really mean my accounts were really never breached or Watchtower is not doing its job?
https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/
https://www.forbes.com/sites/daveywinder/2025/05/23/184162718-passwords-and-logins-leaked---apple-facebook-snapchat/
https://www.tomshardware.com/tech-industry/cyber-security/16-billion-accounts-exposed-in-one-of-the-largest-data-breaches-in-history-enormous-data-haul-holds-two-accounts-for-every-human-alive
https://www.tomsguide.com/news/live/16-billion-passwords-data-breach
https://time.com/7296254/passwords-leaked-data-breach/
5 Replies
1Password has a long relationship with Troy Hunt, who runs Have I Been Pwned. Troy is probably the #1 authority on data breaches and reporting in the mainstream press (and sometimes technical press) is often less that accurate and reliable. Troy shared some information about this matter in his latest Weekly Update 457.
In short, don't worry about this news. 1Password will check for your credentials in all the breaches recorded in HIBP and let you know if any have been compromised. You can, of course, check details for yourself. If you find nothing new, then it doesn't mean that you can be certain that your details aren't in some dark web vendor's secret breach dataset, but it does mean that you don't have anything to do... yet.
You can test Watchtower by adding a Login item with compromised data. A safe example is
username: test
password: test
website: http://example.comThis should immediately show several problems in Watchtower including the breached credentials and lower your score a few points.
You can test Watchtower by adding a Login item with compromised data.
I did this with a password that Chrome browser and https://haveibeenpwned.com/ say was exposed in 3 breaches. However, Watchtower does not report the 1Password entry that contains the compromised password.
Whereas I suggested adding an Item with a specific username, password, and website to test, you mention only that you "did this with a password..." with no details of what you did or the password, or what happened when you tried my suggested test.
This makes addressing your reported result practically impossible.Given the possibility that the password in question was a bad one in that it used private or personal information, then not revealing it is of course the right choice. In that case, it should not be too difficult to find another compromised password which you can share; that is unless they were all that bad.
In any case, please report the results of adding the Item suggested.
1Password shared a blog about this. So according to Troy this hack didn't happen or had accounts breached and according to 1Password it happened, but my Watchtower didn't give a single alert for my accounts, which are more than 500+
https://blog.1password.com/what-to-do-16-billion-password-data-leak/
The blog begins,
While this data appears to be recycled from older breaches, ...
so it's not a matter of whether or not there was yet another discovery of a large collection of breach data, but whether there was discovery or publication of new (but not necessarily recent) breach data. In this case it appears that there was not, hence there was no new breach data added to HIBP , and thus nothing new for Watchtower to find and report.
If your credentials are in any of the breaches recorded by HIBP, then Watchtower should tell you.
