Exposed Credentials Data Considerations Ingrid When classifying observations as Exposed Credential data, discovered email domains are matched with email domains owned by Bitsight customers. However, many websites do not actually validate email addresses, which makes it difficult to assert that certain exposed records are associated with company employees. February 8, 2021: Published. Related articles Exposed Credentials Risk Vector Exposed Credentials Data How is the Exposed Credentials Risk Vector Observed? Exposed Credentials API Endpoint TLS/SSL Finding Remediation & Remediation Verification Feedback 0 comments Please sign in to leave a comment.