Jonathan R. Reed
BY JONATHAN R. REED jonathanrreed.com ↗

Traced is a weekend project. I wanted a more interesting way to browse the Have I Been Pwned dataset — the noir case-file thing just felt like a fun way to present it. It also has a password checker so you can see if yours has turned up in a breach.

WHAT IS THIS

It's a browser for the Have I Been Pwned breach database, styled like a noir case-file archive. Every breach gets its own page with dates, account counts, data types stolen, and how long it took for the breach to be made public.

It's not trying to be anything serious. It's just a more interesting way to look at data that's already freely available — and a reminder that a lot of your old accounts have probably been compromised at some point.

HOW IT WORKS

01
Pre-built pages — All the breach pages are generated at build time from HIBP's free public API. There's no server, no database — just static HTML.
02
No tracking — No analytics, no cookies. Nothing you do here is logged anywhere.
03
Password check — Your password is hashed in your browser and only the first 5 characters of the hash are ever sent anywhere. Your actual password never leaves your device.

THE STATUS LABELS

CRITICAL Passwords, financial data, or government IDs were stolen. Worth actually doing something about.
UNSOLVED Happened in the last 5 years. The data is probably still floating around somewhere.
COLD CASE Old breach, lower-risk data. Interesting history, less urgent.
PRIVACY FIRST
  • No tracking · No analytics
  • No cookies · No logs
  • Open data only
  • Passwords never transmitted
  • Client-side hashing only
This is a static site. There's no backend, no database, no server. Nothing you do here is recorded.
BUILT WITH
Astro 5 Static-first framework
React 19 Interactive islands only
Tailwind CSS v4 CSS-first design system
Framer Motion Animations & reveals
Cloudflare Pages Global static hosting

DATA SOURCES

Everything here comes from Troy Hunt's Have I Been Pwned — a free, public breach database he's been running since 2013. No keys needed, no scraping. Just his open API.

HAVE I BEEN PWNED FREE · NO KEY

The main breach database. Every publicly known breach with dates, how many accounts were affected, what data was taken, and whether it's been verified. Troy Hunt has been maintaining this since 2013.

GET haveibeenpwned.com/api/v3/breaches
GET haveibeenpwned.com/api/v3/breach/{name}
haveibeenpwned.com ↗
PWNED PASSWORDS FREE · K-ANONYMITY

Over 900 million real passwords from past breaches. The password checker on this site uses this API — your password is hashed locally and only 5 characters are sent, so it never actually knows what you typed.

GET api.pwnedpasswords.com/range/{prefix}
haveibeenpwned.com/Passwords ↗

All the data here belongs to Troy Hunt and Have I Been Pwned. Traced is just a fan-made frontend — not affiliated with or endorsed by HIBP. If you find this useful, the real credit goes to Troy. Check out his work at haveibeenpwned.com.