Every breach we've indexed, queryable directly.
The breach corpus that powers Deepinfo's credential-monitoring sub-features is also exposed for direct query. Investigate a specific breach, look up exposure for a domain or email, search by date range, pivot from any breach to the data it exposed. The dataset behind the alerts, available for the investigations that don't fit a continuous-monitoring pattern.
Direct access to the breach corpus underneath.
Search by domain (every breach affecting that domain), by email address (every breach where that address appeared), by breach name (jump to the breach detail), or by date range (everything indexed in a given window). Results return with full breach metadata: name, source, breach date, exposure date, data types exposed, total record count.
This is the same dataset that drives Employee Email Breach Monitoring, Compromised Client Credential Monitoring, and Compromised Payment Credential Monitoring. Direct access lets analysts run investigations that don't fit a continuous-monitoring pattern: post-incident scoping, due-diligence scans for M&A, ad-hoc lookups for a specific email or domain.
Three query dimensions across one breach corpus.
Each dimension drills the same corpus from a different angle. Combine them for incident-response scoping, M&A due diligence, or analyst-driven investigation.
By target.
Search for every breach affecting a specific domain or email address. Returns breach list with exposure detail per breach.
By breach.
Pivot directly to a known breach by name. Returns full breach metadata, indexed credential count, and pivot links to affected addresses and domains.
By time window.
Search for breaches indexed in a given window. Useful for "what's been added since last week" reviews and time-bounded incident scoping.
Examples of what each breach record contains.
Breach name
Name and any common aliases for the breach.
Source
The originally compromised service or organization.
Breach date
When the actual compromise occurred.
Exposure date
When the data became public or was indexed by Deepinfo.
Data types exposed
Passwords, hashes, PII, financial data, and other categories present in the breach.
Total record count
Volume of records contained in the breach.
Affected-record search
Lookup by email or domain to count exposure within this specific breach.
The Data Breach Index is the foundation under multiple sub-features.
Three CTI sub-features run continuous monitoring against this corpus: Employee Email Breach Monitoring, Compromised Client Credential Monitoring, and Compromised Payment Credential Monitoring. The Data Breach Index makes the same corpus available for direct query, for investigations, scoping, and ad-hoc exposure assessment.
“Direct query access to the breach corpus means our investigations don't wait for a vendor to run lookups for us. Search by date, by domain, by email, by breach name; the answers come back in seconds.”
Explore the full platform.
See your entire attack surface. Act on what matters.
Continuous discovery and monitoring of every internet-facing asset, including subsidiaries and acquired companies.
See module CTI · CYBER THREAT INTELLIGENCESee what’s exposed. Act before it’s exploited.
Dark-web monitoring, breach corpora, infostealer logs, and threat-actor activity tied to your organization.
See module BRP · BRAND RISK PROTECTIONKeep an eye on the internet. Protect your brand.
Lookalike domains, fake apps, fraudulent listings, and brand abuse caught in hours, not weeks.
See module TPRM · THIRD-PARTY RISK MANAGEMENTEvery third party carries risk. See all of it.
Continuous external monitoring of every approved vendor with the same depth as your own surface.
See module DSI · DEEP SEARCH AND INSIGHTSExplore the entire internet. See every layer.
400M domains, 2B subdomains, 200B DNS records, 30B SSL certificates. All queryable directly.
See moduleSearch every breach for exposure tied to your domain.
Book a demo. We'll run live queries against your domain and walk through how the corpus integrates with the rest of CTI.