View a company's Exposed Credentials data in the Rating Details page.
- Admin and Group Admin can download Exposed Credentials data for your My Company and My Subsidiary in the Security Performance Management application.
The Exposed Credentials data download is only available in the SPM app.
The details include:
- Account
-
Available in the CSV download.
CSV column:
account
- Breached Site
-
The location where exposed data originated.
CSV column:
breach_name
- Description
- Information about the breach event or record source, typically with links to the original source report where applicable.
- Domains
- The current domains of this company that are affected.
- Exposure Date
-
The date when records were exposed.
CSV column:
event_date
- Observation Date
-
The date of observation by Bitsight.
CSV column:
observation_date
- Records
-
The total number of the company's exposed credential records.
Disclosed Attributes
Types of sensitive details that are identified within compromised sources:
The actual contents of the attributes are not shown, in correspondence with our Privacy Policy.
- Date of Birth
- Demographic information about the owner of the disclosed account. Typically used by organizations for verification purposes.
- Email Addresses
- Any email addresses associated with the information in a disclosed user account, typically used for signup or notifications.
- Gender
- Demographic information about the owner of the disclosed user account.
- Hashed Passwords
- Passwords for this disclosed account were hashed (using SHA-1, for example), so that the original passwords were obscured, but not salted, making them vulnerable to dictionary attacks.
- IP Addresses
- The network addresses that the owner of the disclosed account used to sign in to and access the compromised source.
- Known Languages
- Demographic information about the owner of the disclosed account.
- Name
- Typically the real-world name of the owner of the disclosed account.
- Password Hints
- Any text stored by the user to help them remember what their password might be.
- Passwords
- Passwords for this disclosed account were not stored in encrypted form.
- Personal Phone Numbers
- Contact information for the owner of the disclosed account.
- Physical Address
- Typically the mailing address of the owner of the disclosed user account.
- Physical Characteristics
- Arbitrary text typically used on social networking or dating sites.
- Race
- Demographic information about the owner of the disclosed account.
- Relationship Status
- Demographic information about the owner of the disclosed account.
- Salted Hashed Passwords
- Passwords for this disclosed account were hashed and a modifier used during hashing to make the stored password extremely difficult to guess.
- Security Questions
- User-supplied questions, and sometimes answers, for verification purposes.
- Sexual Orientation
- Demographic information about the owner of the disclosed account.
- Social Network Accounts
- Identifies on what other social network websites the owner of the disclosed account has additional accounts.
- User Photograph
- Typically an image of the owner of the disclosed account.
- Usernames
- Any user names associated with the information in a disclosed user account.
- Work Phone Number
- Contact information for the owner of the disclosed account.
Identity Intelligence Preview
Identity Intelligence is a premium product offering from the Cybersixgill product suite. A preview (of the aggregated data Identity Intelligence provides) is presented in the new Identity Intelligence preview card in the Exposed Credentials section of Rating Details.
Identity Intelligence offers:
- Fast insight, with alerts about new credentials as they are discovered.
- Detailed information about credentials belonging to the organization that may have been compromised.
- More credentials than the standard Exposed Credentials data in most cases.
- Password policy filtering, email exclusions, and correlation with identity providers (IdP).
- Identification of repeatedly leaked credentials automatically.
Available for your own organization through the Security Performance Management application.
Identity Intelligence Terms
Compromised Credentials are the Identity Intelligence version of Exposed Credentials. Identity Intelligence continuously and automatically scours the underground for compromised and exposed credentials from various sources such as data dumps from known breaches, unattributed or anonymous leaks, underground chatter, stealer logs from private sources, and compromised credentials sold on log markets.
Access for sale is an exclusive capability of Identity Intelligence that displays information on compromised devices, typically via stealer malware, that is available for purchase across underground markets. This data is based on the assets (domains and IPs) that are listed in an organization’s attack surface.
Identity Intelligence Data
The Exposed Credentials risk vector and Identity Intelligence products use different data sources that are not yet integrated. Identity Intelligence metrics are not inclusive of Exposed Credential risk vector data.
We may only use a sample subset of your organization’s domains to derive the Premium metrics in the card. In these cases, there might be more data than what is shown on the card. The card is for illustrative purposes only.
- Access for sale last year: Accounts with access for sale in the last 365 days from Identity Intelligence. This Identity Intelligence exclusive capability has no equivalent in Exposed Credentials, so it is always empty “-” in the Standard column.
- Detected in the last 7 days: Individual credentials across leak events in the last 7 days from Observation Date and Identity Intelligence equivalent.
- Detected in the last year: Individual credentials across leak events in the last 365 days from Observation Date and the Identity Intelligence equivalent.
- Premium numbers: Counted from the premium Identity Intelligence data source.
- Standard numbers: Counted from the standard Exposed Credentials risk vector data.
- April 11, 2025: CSV column names.
- March 25, 2025: Identity Intelligence Preview.
- January 14, 2024: Access clarifications.
Feedback
0 comments
Please sign in to leave a comment.