How to check if the iCloud email address or Apple ID has been compromised

There’s no 100% certain way to be sure that an Apple ID and/or iCloud email address has not been compromised.

However, you can use an online service such as the Have I been pwned? site to conduct a search of your email addresses to check whether there’s any known breaches (e.g. the Linkedin and Adobe breaches a while back) that contained information relating to your email address. If a known breach involving your email address has occurred, this site can provide details of what data may have been breached.

For example, say I've had my email address registered with Adobe for five years, then by entering it into this site it will show that there was a breach of Adobe’s site in 2013 and that the compromised data included email addresses, usernames, passwords and password hints.

Notify me function

Another feature of the Have I been pwned? site is that you can elect to be notified if at any future point your account is compromised. You can do that by registering your email address with the Notify me function.

Searching entire domains

If you happen to have your own domain (or are responsible for one), you can also use the Domain Search function to search for any email addresses on that domain that have been compromised.

However, this will require you to enter both the domain and an email address, as well as going through a quick process to verify you're responsible for the domain in question. Once you've done that you can choose to download a file containing the data.

NOTE: I am not affiliated in any way with the Have I been pwned? site. However I have used it many times and can attest to the fact that all features mentioned here work well.

IMPORTANT

If you have any reason to suspect that any of your Apple IDs have been compromised, I strongly recommend you change your password.