- November 17, 2021: Download now includes the date and breached site for each account.
- May 3, 2021: Group Admin can now also download Exposed Credentials data for their own organization.
- April 15, 2021: Moved to the Findings section.
In the Exposed Credentials section of a company's Rating Details page, use the Details button to see Exposed Credential finding details, including:
- Observation Date: The date of observation.
- Exposure Date: The date when records were exposed.
- Breached Site: The breached web site.
- Domains: The current domains of this company that are affected.
- Records: The total number of the company's exposed records.
Disclosed Fields
The following table highlights the account details that are identified within those compromised sources:
The actual contents of the fields are not shown, in correspondence with our Privacy Policy.
| Attribute Name | Description |
|---|---|
| Date of Birth | Demographic information about the owner of the disclosed account. Typically used by organization for verification purposes. |
| Email Addresses |
Any email addresses associated with the information in a disclosed user account, typically used for signup or notifications. Select the |
| Gender | Demographic information about the owner of the disclosed user account. |
| Hashed Passwords | Passwords for this disclosed account were hashed (using SHA-1, for example), so that the original passwords were obscured, but not salted, making them vulnerable to dictionary attacks. |
| IP Addresses | The network addresses that the owner of the disclosed account used to sign in to and access the compromised source. |
| Known Languages | Demographic information about the owner of the disclosed account. |
| Name | Typically the real-world name of the owner of the disclosed account. |
| Password Hints | Any text stored by the user to help them remember what their password might be. |
| Personal Phone Number | Contact information for the owner of the disclosed account. |
| Physical Address | Typically the mailing address of the owner of the disclosed user account. |
| Physical Characteristics | Arbitrary text typically used on social networking or dating sites. |
| Plaintext Passwords | Passwords for this disclosed account were not stored in encrypted form. |
| Race | Demographic information about the owner of the disclosed account. |
| Relationship Status | Demographic information about the owner of the disclosed account. |
| Salted Hashed Passwords | Passwords for this disclosed account were hashed and a modifier used during hashing to make the stored password extremely difficult to guess. |
| Security Questions | User-supplied questions, and sometimes answers, for verification purposes. |
| Sexual Orientation | Demographic information about the owner of the disclosed account. |
| Social Network Accounts | Identifies on what other social network websites the owner of the disclosed account has additional accounts. |
| User Photograph | Typically an image of the owner of the disclosed account. |
| Usernames | Any user names associated with the information in a disclosed user account. |
| Work Phone Number | Contact information for the owner of the disclosed account. |