The Data Breaches API provides structured, real-time access to compromised data originating from info stealer malware logs, public and private data breaches, and other underground sources. The API delivers rich metadata for each record, enabling security teams to investigate and respond to incidents involving compromised assets.
The API covers the following:
- Credentials - Usernames, emails, and passwords exposed in breaches, combo lists or stealer logs.
- Cookies - Session cookies details used for login authentication.
- Device-Related Entities - Credentials and information harvested from infected devices by infostealer malware.
To ensure compliance with privacy regulations and to protect sensitive data, access to certain records is restricted to authorized assets using the Authorized Domains API.