Bio and Photos

The contents of this page may be used wherever a bio or photos are required. You're welcome to pick and choose at will and tailor the content to suit the intended audience.

Short Bio

Troy Hunt is an Australian security researcher and founder of the data breach notification service, Have I Been Pwned. Troy has a background in software development specialising in information security and is a regular conference speaker and trainer. He regularly appears in the media, works with government and law enforcement agencies and has appeared before US Congress as an expert witness testifying on the impact of data breaches. Troy is also a Microsoft Regional Director (an honorary title) and regularly blogs at from his home on the Gold Coast.

The Longer, More Personal Version


I started out building software for the web in '95 where I had various roles in Australia and the UK. In 2001, I went to Pfizer in Sydney and spent the next 14 years until my departure in 2015 building and managing software in the world's largest healthcare company. I worked first as a software developer then as an Architect responsible for software delivery across Asia Pacific. This ranged from systems to manage clinical trials, report on patient adverse events and optimise sales force operations.

Training and Speaking

Since 2015, my focus has been primarily information security. As an independent, I've published dozens of courses on Pluralsight, written many more for other tech companies, run over 100 workshops around the world for banks, governments and e-commerce companies and spoken at and keynoted at just as many global conferences. A portion of the public appearances are recorded and listed on this website.

Have I Been Pwned

In 2013, I founded the data breach search and notification service, Have I Been Pwned (HIBP). The project has grown to encompass hundreds of data breaches spanning many billions of records and is used daily by hundreds of thousands of people. The Pwned Passwords service alone is used more than 2 billion times every month in an effort to help block known compromised passwords from being reused. Today, dozens of national governments rely on the service to provide them insights into the impact of data breaches on their departments. HIBP has become an essential service that has helped shape the internet as we know it.

Government and Law Enforcement

Both through my involvement with HIBP and as a speaker and trainer, I regularly engage with governments and law enforcement agencies globally. The FBI and NCA regularly provide HIBP with compromised passwords identified in the course of their investigations. I speak at many internal cybersecurity events for law enforcement agencies. I've testified before US Congress on Identity Verification in a Post-Breach World. HIBP is regularly referenced and recommended by national cyber security centres around the world.


I enjoy talking to the media about cybersecurity and regularly appear in print, online broadcasts and national television programs. Over the years, my efforts in infosec and particularly the work I've done on HIBP have appeared everywhere from CNN to the BBC to TIME to WIRED and just about every major publication imaginable. A more comprehensive list is on my media page.

Microsoft Most Valuable Professional and Regional Director

I hold two Microsoft titles, both honorary in nature. Since 2011, I've been a Microsoft Most Valuable Professional (MVP) specialising in developer security and technologies. Since 2016, I've also been a Microsoft Regional Director (RD), a titled awarded to "the world's top technology visionaries for their proven cross-platform technical expertise, community leadership, and commitment to business results".

Advisory Roles

Since 2020, I've served as a Strategic Advisor for NordVPN. I've also sat on 1Password's Board of Advisors since 2020.


I live on the Gold Coast, Australia, with my wife and 2 kids.