Processing 23B Rows of Alien Txtbase Stealer Logs
troyhunt.comHIBP emailed me to tell me I was part of the leak. The blog appears to mention I should be able to see what domains are associated with my email but I can’t seem to find how to access that info?
I was also wondering the same thing. Turns out it's here: https://haveibeenpwned.com/DomainSearch
But it's not seeing what domains are associated with your email; rather, it's seeing which emails for a given domain (e.g. a company domain) are associated with breaches. If you can demonstrate that you have control over a particular domain, then haveibeenpwned will tell you how many (and maybe which?) accounts on your domain are compromised. If there are more than 10 such accounts, it looks like you need a paid subscription.
This is a different feature to allow sites/companies to see which of their users may be compromised to help facilitate resetting credentials.
I did figure out the other issue though. If you got the email saying you were part of the stealer log leak, you can find a link in the of the bottom email titled “check my email address again”.
Follow that link and scroll all the way to the bottom and you should find a section for “stealer log entries” which includes domains that tour email address was associated with.
If you don’t have the email from them, enter it again at the top of the homepage for haveibeenpwned.com to receive it.