Teams and Businesses

Create a domain breach report for your company

Learn how to view a list of everyone in your company affected by data breaches.

With 1Password Teams and 1Password Business, you can create a report to see if anyone with a company email address has been affected by a data breach. Information about data breaches comes from the haveibeenpwned.com domain search database.

An account owner will need to set up the breach report and verify a domain, then anyone in the Security group can view it.

To get started, sign in to your account on 1Password.com and click Dashboard in the sidebar.

A domain breach report, showing the number of people caught in data breaches, a list of breaches, and the information compromised.

Set up the domain breach report

Before you can find email addresses affected by data breaches, you’ll need to verify that you control a domain.

Verify a domain

Click Create Domain Breach Report, then click Get Started. Then enter your company domain and choose how to verify it:

  • Email: choose an administrative email address to send a verification code to, then click Send Verification Code. Enter the code and click Verify.
  • DNS record: add a text (TXT) record containing the verification code to the DNS entry for the domain you want to verify. Then click Verify.

    It may take up to 24 hours for DNS changes to propagate. To verify your domain later, go to the domain breach report, click Manage Domains, then click Complete Verification. If you need help, check with your DNS provider.

Manage verified domains

To include more than one domain in the report, click Manage Domains > Add Domain, then verify it.

To mark one domain as an alias of another, click next to the domain and choose Mark as Alias. Choose the domain you want to make it an alias of, then click Save.

To remove a domain, click next to it and choose Remove.

A list of administrative email addresses that can be used to verify ownership of the domain.

View the domain breach report

After you verify your first domain, you’ll see the breach report for it.

To see everyone affected by a specific breach, click beside it.

To see which accounts are vulnerable for a specific email address, click its breach details.

To sort or filter the list of breaches, click a header or one of the information compromised tags in your report.

To hide collections of personal information that may not have come from a data breach, turn on “Hide spam lists”.

A list of breach details for wendy_appleseed@agilebits.com.

Notify people affected by a data breach

If your company is affected by a data breach, click Notify Your Team to send an email to the affected team members. You can invite people who don’t use 1Password to join your team.

The affected people should:

  • Join your team on 1Password if they haven’t.
  • Use 1Password to change their password for the affected site and for any accounts where they’ve reused a compromised password.
  • Use Watchtower to find security problems with their items in 1Password and turn on notifications to get alerted of new data breaches.
An email notifying someone of the data breaches they've been affected by and what to do about them.

Learn more

Published: