This is old news to those in IT, but not everyone knows, so I'll post about it.

There is a website allows Internet users to determine whether their usernames and passwords have been exposed in some of the largest data breaches in recent years.

The site is called haveibeenpwned.com and was created by Australian software architect Troy Hunt.  It allows users to check whether their email addresses are present in user databases leaked from the many breaches that have occurred over the past few years. (See https://www.robjones3.com/new-blog/2017/2/27/again)

The haveibeenpwned.com website does not store any of the leaked passwords, only the email addresses. As of March 2016, Have I Been Pwned? receives around ten thousand daily visitors.  As of February 2017, the site has over 1 million active email subscribers and contains records of 2.1 billion accounts from over 190 data breaches

• Pwned is play on the word 'owned' and refers to being taken advantage of
• The 'Have I Been Pwned' site securely stores lists of email addresses leaked during recent security breaches at major companies
• Typing an email into the site reveals which, if any, breach affects you
• It also reveals if your email address has been 'pasted' onto other websites that could make it vulnerable to hackers

https://pwnedlist.com is another great one - LastPass actually works with them so that users are alerted automatically when their emails are found on new leaks.

Read more: 

1. https://www.troyhunt.com/the-impact-of-have-i-been-pwned-on-data/
2. http://www.dailymail.co.uk/sciencetech/article-3344341/Have-PWNED-Site-reveals-email-address-millions-leaked-recent-hacks-VTech-Adobe-Ashley-Madison.html#ixzz4bH7WZKtR