Thanks for sharing your concern. I completely understand where you're coming from. The goal of DidTheyHack.me is to complement services like Have I Been Pwned. We offer free searches so users can quickly see if their data has been compromised. The paid feature is there for those who want to know exactly what information was exposed.
I made the decision to hide sensitive details like passwords (e.g., passw***), even in the paid version, to strike a balance between user security and preventing abuse. My hope is that by showing just enough information, users can identify their leaked data without exposing themselves to further risk.
I appreciate the feedback, and I’m always open to suggestions on how to make the service better for everyone.