Breach Check · Privacy-first credential exposure scan
Is Your Trading Account Login in a Known Data Leak?
Whether you trade forex, stocks, crypto, or other markets, check the security of your own account login details and stay in control of your digital safety. Privacy-first and GDPR-aligned: we only ever check your own email, keep it as a one-way hash (never in plain text), and never share it with anyone.
How your check stays private
Built on the k-anonymity model — your password is checked without ever being revealed to us.
Hash on your device
Your password is hashed client-side using SHA-1 before anything is sent. Your actual password never leaves your device or touches our infrastructure.
Send only a 5-character prefix
We apply the k-anonymity model: only the first 5 characters of the hash (out of 40) are sent to our servers. That prefix alone can never identify your password.
Match locally
We return all breach entries matching that prefix — your browser then determines locally whether your full hash appears. The complete hash, or any derivative that could identify it, never leaves your device.
What the check covers
A single scan cross-references your own credentials against billions of records exposed in historical data breaches — so you learn about an exposure before an attacker does.
Run my breach check- Your email address across known breach corpora
- Your trading-account password against exposed credential dumps
- Reused passwords that put multiple logins at risk at once
- Clear next steps to rotate and secure anything exposed
Privacy guarantees
K-Anonymity
Only a 5-char hash prefix leaves your device
Zero Password Logs
No plain-text traces, processed in memory only
One-Way Hash
Your password is never stored, ever
GDPR Article 25
Privacy by design & by default
Frequently asked
Do you ever see or store my password?
No. Your password is hashed on your device and only a 5-character prefix of that hash is sent. We never receive, log, or store your password or its full hash. Password check queries are processed in memory only, and request-body logging is suppressed on all password-related endpoints.
What is k-anonymity?
K-anonymity lets us tell you whether your credential appears in a breach without ever learning what that credential is. By sending only the first 5 characters of a 40-character hash, your browser gets back a bucket of possible matches and checks locally — the answer is computed on your device, not ours.
How is this different from Have I Been Pwned?
It uses the same privacy-preserving k-anonymity model you may know from public breach checkers, wrapped into your CLEAREX.MARKET account with clear, trader-focused guidance on what to do next. It is built for people protecting real trading logins, not just curiosity.
Is the Breach Check free?
Breach Check is part of membership — included in every plan (Bronze, Gold, Platinum). Members scan their email and trading passwords against known data leaks. It takes seconds.
What should I do if I find an exposure?
Change the affected password immediately, and change it anywhere else you reused it. Use a password manager to give every account a unique key, and enable two-factor authentication on your trading and email accounts.
Check if your login has already leaked
It takes seconds, and your password never leaves your device. Subscribe to scan your email and trading passwords against known data leaks — included in every plan.