Breached Checks
Dark web checks to highlight when identities have been compromised.
What it entails
Breached checks ingest dark-web and breach-database feeds to flag whether an identity or credential has been exposed within the last 3 days, 30 days, or earlier. They bucket compromise events by recency (high, medium, low) to surface the most urgent risks. Historical compromise age tiers help prioritize remediation.
Why it works
Attackers leverage freshly compromised credentials for account takeover and credential-stuffing before victims reset passwords. Recent breaches represent high-velocity fraud windows that automated monitoring can intercept.
Checks
The following are the distinct IDs and types of checks that are included in the Breach Check Package.
BREACHED_IDENTITY_COMPROMISED
Recency of identity compromise events.
| Value | Name | Description |
|---|---|---|
NEW | Identity compromised very recently | The identity was breached in the last three days. |
RECENT | Identity compromised in last month | The identity was breached in the last 30 days. |
OLDER | Identity compromised over a month ago | The identity was breached more than 30 days ago. |
NONE | No information available | No compromise information available. |
Updated 16 days ago