The Data Breach Detection API response includes up to 10 entities and a Meta Info area with reference to API consumption and the request itself, such as the "next" URL to get the next batch of entities matching your query.
Each DBD entity is constructed of 3 objects:
- The Document Object - Each document represents a single Compromised entity.
- The Leaked record Object - Each record represents a mention of the compromised entity as part of a breach (list of leaked records).
- The Aditional_Info Object
Each response includes one or more compromised entity documents.
Document Object
| Field Name | Description | Type |
|---|---|---|
| value | Compromised entity value. e.g. [email protected] | String |
| type | Type of compromised entity. Possible Values:
| String |
| uuid | A unique ID representing the compromised entity | String |
| crawled | The date/time when the compromised entity was first leaked. | Date Format: yyyy-MM-dd'T'HH:mm:ss.SSSXXX |
| updated (See the note below) | The date/time the compromised entity was updated, when a crawler detects a change in the breach | Date Format: yyyy-MM-dd'T'HH:mm:ss.SSSXXX |
| leaks | An array of leaked records of the compromised entity | Object |
Leaked Record Object
A breach can be retrieved, in one of the following formats:
- File - breached database or file found in a file hosting by Webz.io platform.
- Snippet - part of a post in the dark networks, either a discussion threat or blog or paste.
| Field Name | Description | Type |
|---|---|---|
| uuid | A unique ID representing the breach | String |
| name | The name of the breach | String |
| filename | The name of the compromised file | String |
| breach_date | The official date of the breach | Date Format: yyyy-MM-dd'T'HH:mm:ss.SSSXXX |
| fields | List of compromised fields detected as part of the breach | Array[Strings] |
| network | The name of the dark network , where the breach was found. Possible Values:
| String |
| domain | The domain of the site where the breach was found. | String |
| cyber_doc_ref | The official URL of the leaked mention | String |
| updated | The latest time the entity was identified and crawled. Format is date/time | Date Format: yyyy-MM-dd'T'HH:mm:ss.SSSXXX |
| additional_info | An extended object providing more information on the compromised content | Object |
Additional_Info Object
| Field Name | Description | Relevant to Parameter | Type |
|---|---|---|---|
| password | The sanitized password relevant to the compromised entity | email, account_name | String |
| is_hashed | Is the password was hashed | email, account_name | Boolean |
| expy | Expiration Year of the compromised card | Creditcard, bin6, bin8 | String |
| expm | Expiration Month of compromised Card | Creditcard, bin6, bin8 | String |
Meta Info
| Field Name | Decription | Type |
|---|---|---|
| totalDocs | The total number of documents matching your query | Integer |
| moreDocsAvailable | How many more documents are available | Integer |
| next | A URL to get the next batch of documents matching your query | String |
| requestsLeft | How many more records are available in your current subscription plan | Integer |
{
"docs": [
{
"value": "lilo1234",
"type": "ACCOUNT_NAME",
"uuid": "f8d18fff6b48999af763225b7f8c39248f2ae4e6",
"crawled": "2020-04-24T18:31:22.286+03:00",
"updated": "2020-06-15T19:37:19.600+03:00",
"leaks": [
{
"uuid": "7818b58487e97d5a0916941592aa4e3989d341b2",
"name": "LiveJournal.com 26M",
"filename": "LiveJournal.txt",
"breach_date": "2020-05-20T03:00:00.000+03:00",
fields: [
"email",
"account_name",
"password"
],
"network": null,
"domain": null,
"cyber_doc_ref": null,
"crawled": "2020-06-10T11:31:08.000+03:00",
additional_info: [
{
"password": "a****fi",
"is_hashed": false,
}
]
},
{
"uuid": "e41fc757ba9ebda00c378e166c5e400c6a3e52b8",
"name": "Webkinz 22.98M records",
"filename": "webkinz.txt",
"breach_date": "2020-04-18T03:00:00.000+03:00",
fields: [
"account_name",
"password"
],
"network": null,
"domain": null,
"cyber_doc_ref": null,
"crawled": "2020-04-24T13:36:01.752+03:00",
additional_info: [
{
"password": "$1$tPf.R6ez$YkUOpD/J0YoG3iUGvmReH/",
"is_hashed": true,
},
{
"password": "$1$4ImBPBMf$sNuZ0yTEW9WG.v9nOnmgd/",
"is_hashed": true,
}
]
},
{
"uuid": "942bb0ad98cbc8d68105260ecf5581ac68861acf",
"name": "Poshmark",
"filename": "Poshmark.csv",
"breach_date": "2019-09-01T03:00:00.000+03:00",
fields: [
"email",
"account_name",
"password"
],
"network": null,
"domain": null,
"cyber_doc_ref": null,
"crawled": "2019-12-01T17:35:55.127+02:00",
additional_info: [
{
"password": "$2a$10$eY5uq/GxgIeJ1RfAqhldhOd./REgQSo1NM9tP1iF5qdF3ENoj.bJu",
"is_hashed": true,
}
]
}
]
}
],
"totalDocs": 1,
"moreDocsAvailable": 0,
"next": null,
"requestsLeft": 999659
}