Response FIelds Explained:

• EmailAddress: The email address associated to the data breach
• LastModified: The DateTime of when the latest data breach was discovered for this employee, formatted as an ISO 8601 string (e.g. "2024-03-05T05:55:33.7465851Z").
• BreachAddressed: True or false statement on whether this employee has been marked as notified within the CanIPhish Cloud Platform.
• BreachedServices: A list of strings representing the services where the data breach originated from (e.g. LinkedIn, Facebook, Gravatar, etc.).
• DataClasses: A list of strings describing the data that was breached (e.g. Email addresses, Names, Usernames, Passwords, etc.)

Notes:

1. Dark web monitoring must be enabled on your CanIPhish tenant for this API to function. If disabled, no data will be returned.
2. Have I Been Pwned is a subprocessor of CanIPhish, and all information provided from this API has been collected from Have I Been Pwned. For live information, you can use the Have I Been Pwned API.