Find the Right Plan

Whether you're protecting your own domains or monitoring your customers', HIBP has a plan for you. Use the plan finder below or browse our options.

Plan Finder

Answer a few questions and we'll recommend the best plan for you.

What do you want to do?

Do you need to search for breached email addresses via the API?

Do you need anonymous (k-anonymity) searches?

K-anonymity lets you search without revealing the full email address to the API. This is a Pro-exclusive feature.

What API rate do you need?

Plans are differentiated by the number of API requests you can make per minute (RPM). Higher RPM tiers cost more but allow faster, higher-volume querying.

Tell us about your domain monitoring needs

You don't currently have any domains on your dashboard, add them first for a more accurate result.

Whose domains are you monitoring?

How would you like to add domains?

The API allows you to add and remove domains programmatically or in bulk — ideal for automation. The dashboard requires adding each domain individually, which is fine for smaller setups but becomes laborious at scale.

How many domains do you need to monitor?

Check your domain's breach exposure (optional)

Enter your primary domain to see how many breached email addresses are associated with it. This helps size your Core plan.

Do you need to search stealer logs?

All Pro plans include stealer log access. Stealer logs are not available on Core plans.

We recommend

Not sure which plan fits your needs?

Answer a few questions and we'll recommend the best plan for you.
Find my plan

Choose Your Plan

Four tiers designed for different needs: Core for small businesses, Pro for enterprises and MSPs, High RPM for high-volume API users, and Enterprise for white-label deployments.

Free:

Core

Small businesses
From $5.30/mo

Monitor your own domains with up to 20 domains per plan.

See Core plans
New

Pro

Enterprises & MSPs
From $450/mo

Monitor your own and your customers' domains with up to 800 domains.

  • Everything in Core, plus:
  • No domain size limit
  • EDU/NFP discounts available
See Pro plans

High RPM

High-volume API users
From $1,520/mo

High-throughput email API access with k-anonymity. No domain monitoring.

  • 4,000–12,000 RPM
See High RPM plans

Enterprise

Enterprises & MSPs
From $2,000/mo

White-label breach intelligence with real-time callbacks and invoice billing.

  • Everything in Pro, plus:
  • Legal/procurement docs
Contact us

Core Plans

For small businesses monitoring their own domains. Plans are sized by breached email addresses per domain and number of domains.

Save up to 16% with annual billing
Plan RPM Max Domain Size Max Domains Price
Core 1
 10 25 addresses 1 domain
$5.30
per month 		Subscribe
Core 2
 50 100 addresses 3 domains
$26
per month 		Subscribe
Core 3
 100 500 addresses 5 domains
$44
per month 		Subscribe
Core 4
EDU/NFP discounts available 		500 Unlimited 10 domains
$190
per month 		Subscribe
Core 5
EDU/NFP discounts available 		1,000 Unlimited 20 domains
$380
per month 		Subscribe

Pro Plans New

For enterprises and MSPs monitoring their own and their customers' domains. No domain size limit on any plan.

Customer domain monitoring Bulk domain add Auto subdomain verification k-Anonymity Stealer logs EDU/NFP discounts
Plan Email RPM K-anon RPM Max Domains Price
Pro 1
 500 250 50 domains
$450
per month 		Subscribe
Pro 2
 1,000 500 100 domains
$850
per month 		Subscribe
Pro 3
 2,000 1,000 200 domains
$1,600
per month 		Subscribe
Pro 4
 4,000 2,000 400 domains
$3,000
per month 		Subscribe
Pro 5
 8,000 4,000 800 domains
$5,600
per month 		Subscribe

High RPM Plans

For high-volume API users who need fast, privacy-preserving email lookups. k-Anonymity enabled on all plans. No domain monitoring included.

k-Anonymity search Plain text email search 4,000–12,000 RPM
Plan RPM K-anon RPM Price
High RPM 4000
 4,000 2,000
$1,520
per month 		Subscribe
High RPM 8000
 8,000 4,000
$3,040
per month 		Subscribe
High RPM 12000
 12,000 6,000
$4,560
per month 		Subscribe

Frequently Asked Questions

This refers to the number of unique email addresses on your domain that have appeared in known data breaches. For example, if your domain is "example.com" and 50 email addresses from that domain have been found in breaches, your domain has 50 breached email addresses. This is not the number of employees or total email accounts you have -- only those that appear in breach data. You can check your domain's breach count using the plan finder above.

Core is designed for organisations monitoring their own domains. Plans are sized by the number of breached email addresses per domain and how many domains you need. Pro is designed for enterprises and MSPs who also need to monitor their customers' domains. Pro includes additional features like bulk domain add, auto subdomain verification, k-anonymity search, stealer logs on all plans, and no domain size limit. Pro also offers EDU/NFP discounts and reseller access on all plans.

As an MSP, you'll need a Pro plan. Pro plans allow you to monitor your customers' domains in addition to your own, with domain limits ranging from 50 to unlimited. Pro includes customer domain monitoring, bulk domain add, and auto subdomain verification to make managing multiple clients straightforward. All Pro plans include EDU/NFP discounts and reseller access.

If you need to monitor more domains than your current plan allows, you'll need to upgrade to a higher-tier plan. You can upgrade at any time and your billing will be prorated. Use the plan finder above to determine which plan fits your domain count needs.

Yes. For Core plans, EDU/NFP discounts are available on Core 4 and above. For Pro plans, EDU/NFP discounts are available on all tiers. Contact us for enterprise pricing for educational institutions and nonprofits.

Yes, you can upgrade from a Core plan to a Pro plan at any time. Your billing will be adjusted accordingly. If you're unsure which Pro plan is right for you, use the plan finder wizard at the top of this page.

Callbacks are a real-time breach notification feature exclusive to the Enterprise tier. When a new breach is loaded into HIBP that affects your monitored domains, a callback is sent to your specified endpoint immediately. This enables you to build automated workflows that respond to breaches in real time, rather than polling the API for changes.

Need Enterprise-Grade Breach Intelligence?

Get white-label access, real-time breach callbacks, invoice billing, and dedicated support. Enterprise plans start at $2,000/month.