2026-05-28 · 4 min read

Why Every Breach Search Tool Requires Your Email (And One That Doesn't)

Every breach search tool you use today logs your email, your IP, and your queries. IntelFetch. DeHashed. Snusbase. LeakCheck. They all require email registration. Here's why — and why we built Lurk differently.

The business model problem

Breach search platforms require email for one reason: chargeback protection. If you pay with a card and dispute the charge, Stripe needs an email to resolve it. Email also enables password resets, account recovery, and upgrade emails. It's the cheapest way to build a SaaS auth system.

But here's the irony: you're using a breach search tool to check if your data was exposed — and the tool itself is collecting your email address and logging every query you make. That email address will sit in their database until they get breached too.

What gets logged when you use a breach search tool

When you run a search on IntelFetch or DeHashed, the following is typically recorded:

For a security researcher doing adversary simulation, this is a serious problem. Your recon activity is being logged by a third party. If that platform is subpoenaed, breached, or simply has poor security practices, your investigation history is exposed.

The token-based alternative

Lurk uses a different model. Instead of creating an account, you pay with cryptocurrency and receive an anonymous token. The token is a random string — it's your only credential, and we never see it in plaintext (it's stored as a SHA-256 hash).

When you search, we check: is this token valid? Does it have searches remaining? If yes, the search runs. Nothing else is written. No IP, no query, no timestamp beyond what Redis needs for rate limiting (and that expires in 24 hours).
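The check described above can be illustrated as follows. This is an added example, not Lurk's code: the in-memory dictionaries, the function names, and the per-window cap of 5 are assumptions standing in for whatever store and limits the service actually uses.

```python
import hashlib
import secrets
import time

# Hypothetical in-memory stand-ins for the service's stores (assumption:
# the page names Redis only for rate limiting and gives no schema).
TOKENS = {}   # sha256(token) hex -> searches remaining
RATE = {}     # sha256(token) hex -> (window_expiry_epoch, count)
RATE_TTL = 24 * 60 * 60   # rate-limit entries expire after 24 hours
RATE_MAX = 5              # constructed per-window cap for this demo


def digest(token):
    # A 256-bit random token has enough entropy that a plain, unsalted
    # SHA-256 is adequate at rest; that would not hold for passwords.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_token(searches):
    """Create a token, store only its hash, return the plaintext once."""
    token = secrets.token_urlsafe(32)
    TOKENS[digest(token)] = searches
    return token


def authorize_search(token, now=None):
    """Return True and spend one search if the token is valid and in quota.

    The only writes are the remaining-search counter and the expiring
    rate-limit counter: no IP, no query text, no per-search timestamp.
    """
    now = time.time() if now is None else now
    key = digest(token)
    remaining = TOKENS.get(key)
    if remaining is None or remaining <= 0:
        return False              # unknown token or quota exhausted
    expiry, count = RATE.get(key, (0.0, 0))
    if now >= expiry:             # window elapsed: the old entry has expired
        expiry, count = now + RATE_TTL, 0
    if count >= RATE_MAX:
        return False              # rate limited within the current window
    RATE[key] = (expiry, count + 1)
    TOKENS[key] = remaining - 1
    return True
```

Because only the digest is stored, a copy of the token table does not yield usable tokens, but the server still handles the plaintext token in memory on every request in order to hash it.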

What this means in practice

If we receive a legal demand for data about a specific user, we have nothing to give. There are no user records. There are no query logs. There are no IP addresses linked to searches. The warrant canary at lurk.st/warrant is PGP-signed monthly — if it stops updating, you'll know something happened.

Try it yourself

Free tier: 5 searches/day. No account. No email. See for yourself.
