HomeGuidesChangelog
Log In
Guides

Breached

What it entails

Breached checks ingest dark-web and breach-database feeds to flag whether an identity or credential has been exposed within the last 3 days, 30 days, or earlier. They bucket compromise events by recency (high, medium, low) to surface the most urgent risks. Historical compromise age tiers help prioritize remediation.

Why it works

Attackers leverage freshly compromised credentials for account takeover and credential-stuffing before victims reset passwords. Recent breaches represent high-velocity fraud windows that automated monitoring can intercept.


Checks

The following are the distinct IDs and types of checks that are included in the Breach Check Package.

BREACHED_IDENTITY_COMPROMISED

Recency of identity compromise events.

ValueNameDescription
HIGHIdentity Compromised in last 3 daysThe identity has been compromised recently, indicating high potential fraud.
MEDIdentity Compromised in last 30 daysThe identity has been compromised in the last month, indicating medium potential fraud.
LOWIdentity Compromised 30 days or more agoThe identity was compromised 30+ days ago, indicating lower potential fraud.
NONENo information availableNo compromise information available.

What’s Next

Learn how we help you understand the longevity and validity of an email