HIBPwned, an R package for HaveIBeenPwned.com

  • March 21, 2016
  • Steph
  • R

The answer in life to the inevitable question of “How can I do that in R?” should be “There’s a package for that”. So when I wanted to query HaveIBeenPwned.com (HIBP) to check whether a bunch of emails had been involved in data breaches and there wasn’t an R package for HIBP, it meant that the responsibility for making one landed on my shoulders. Now, you can see if your accounts are at risk with the R package for HaveIBeenPwned.com, HIBPwned.

Have I Been Pwned | HaveIBeenPwned.com
Have I Been Pwned | HaveIBeenPwned.com

Current status

The package is currently available on github @ stephlocke/HIBPwned, but I intend to submit to CRAN after getting some feedback from y’all.

if(!require("devtools")) install.packages("devtools")
# Get or upgrade from github

Basic usage

The very first thing you should do after installing is checking to see if your personal email address has been breached.


After that, check your significant other, your cat, and your family who you probably provide IT support for.

HIBPwned::account_breaches(c("foo@bar.com", "test@test.com"))

Give it a whirl!

Package development notes

  • HIBP is a fantastically written API and isn’t complicated so I’ve almost got the R package to be feature complete with respect to the API.
  • The package enjoys 100% test coverage as the simplicity of the API has enabled thorough testing

    Coverage Status

  • The package uses the latest iteration of the R travis-ci capabilities