The free service, deployed using Microsoft Azure and Cloudflare services, helps IT people and online users who want to check the security of their online accounts, on global scale. Currently, HIBP contains over 9.5 billion compromised accounts on its database, with millions of subscribers seeking to understand if their online security has been compromised.

Hunt announced the sale of HIBP in June last year after being close to burn out. He hired KPMG to assist on the merger and acquisition (M&A) process, narrowing the original 141 companies down to 43. He outlined his requirements for the sale, including its continued free search capability, that he maintain control of the process, and that the company focus on changing consumer behaviour.

While Hunt hasn’t disclosed either the bidders or the prospective buyer on the breach-checking website, he has explained the deal fell apart during the due diligence process when they decided to change their business model. The sales process took 11 months and has derailed Hunt’s plan for selling to another company. “After many months of exclusivity with a single organisation and going through crazy amounts of due diligence, the effort involved in scrolling back to the September time frame and starting it all again with another organisation would have been enormous,” Hunt explains.

Hunt is still thinking about how HIBP might be expanded upon to tackle cyber security attacks and change how users understand them across the entire breach ecosystem.