Breached
What it entails
Breached checks ingest dark-web and breach-database feeds to flag whether an identity or credential has been exposed within the last 3 days, 30 days, or earlier. They bucket compromise events by recency (high, medium, low) to surface the most urgent risks. Historical compromise age tiers help prioritize remediation.
Why it works
Attackers leverage freshly compromised credentials for account takeover and credential-stuffing before victims reset passwords. Recent breaches represent high-velocity fraud windows that automated monitoring can intercept.
Checks
The following are the distinct IDs and types of checks that are included in the Breach Check Package.
BREACHED_IDENTITY_COMPROMISED
Recency of identity compromise events.
| Value | Name | Description |
|---|---|---|
HIGH | Identity Compromised in last 3 days | The identity has been compromised recently, indicating high potential fraud. |
MED | Identity Compromised in last 30 days | The identity has been compromised in the last month, indicating medium potential fraud. |
LOW | Identity Compromised 30 days or more ago | The identity was compromised 30+ days ago, indicating lower potential fraud. |
NONE | No information available | No compromise information available. |
Updated 21 days ago