I don't think he meant "show the actual data," I think he meant "what leaked? My name, address, phone number, email, medical records, payment history, bank account number?"

We get a "your private data is now public" email, but knowing exactly what data turns that from a depressing statement on how much corporations value their customers' privacy into something actionable.

>Most breaches already contain hashed passwords

It could show the hash instead.

>No, it's not ok that these passwords are already out there

So it's better that people have to pay for it instead of getting this information for free?

>Because it's important to say "I don't store passwords in HIBP"

This is a personal choice.

>I'm not your personal lookup service

The idea is that this would be done by the site itself and would not require manual work by the owner.