Users who fear that the access credentials of their email accounts have appeared on the recently published list can now run a test to check. On Serversniff, Thomas Springer has set up a page that checks whether an email address appears on the known lists. To run the test, users simply enter the part of their email address before the "@" and the system will display any matching entries. However, only the first and last letter of the password will appear.
One may feel inclined to ask why the email providers, who also have access to these lists, haven't offered a similar service. Email providers such as Microsoft, Yahoo and Google initially assured users that all those affected had been informed and the compromised accounts had been blocked. However, it turned out that the list still contained valid access credentials for accounts used, for instance, to initiate password resets with services like PayPal, even days after the incident became known.

The link for this article located at H Security is no longer available.