Embodiments of this application disclose a method for detecting a security breach. The method includes: receiving a target message sent by a terminal of a first account to a terminal of a second account; determining that there is a potential security risk associated with the first account; interrupting transmission of the target message from the first account to the second account; randomly selecting an identity authentication question from a preset question database; separately sending the identity authentication question to the first account and the second account, respectively; receiving a first answer to the identity authentication question from the first account and a second answer to the identity authentication question from the second account; and resuming transmission of the message from the first account to the second account when the first answer matches the second answer.