Sponsored by Hudson RockUse Hudson Rock's free cybercrime intelligence tools to learn how compromised credentials are impacting your business



Many businesses in 2023 alone received fines amounting to hundreds of millions of dollars because they had suffered data breaches. Now, with the General Data Protection Regulation (GDPR) in place, fines could be even higher.

Our API can help you to not fall victim to hacker attacks. Everyone can use the API - it can be used to incorporate our search engine into any information system.

All users of the API should only use the service to improve the security of their service or product offerings, secure their API credentials, ensure that any information obtained through the BreachDirectory API or any other services is secured from unauthorized access, and follow all of the applicable laws pertaining to their jurisdiction.

If a record exists in our database, we will return a JSON “200 OK” response, which will look like so:

        "title": "Test Data Breach",
        "domain": "test.com",
        "email": "[email protected]",
        "username": "Username",
        "ip": ""



After gaining access to the API, you can use it like so:

  • - $Method - Search method (At this time, there are the following methods available - users can search by providing a domain (“domain”), email (“email”), username (“username”) and IP address (“ip”).
  • - $Key - API Key acquired by purchasing access to the API.
  • - $Query - Search Query.

If you have bought access to the bulk API plan, you will also be able to provide the API with a text (.txt or .csv) file of accounts to search for. In that case, an additional parameter - “bulk_url” - is needed. In that case, the API should be used like so:

  • - $URL - The URL towards the file that contains user accounts that you need to search through the API. Make sure the extension of the file is either .txt or .csv.

Those people that have access to the bulk version of the API can also provide user accounts via the UI accessible here.

* There is no need to specify the query when using the API in bulk - specifying a file is enough.



If the search fails, the system will return error messages. Some of them are:

- A search method is required.

When a search method is not specified.

- An API key is required.

When an API key is not specified.

- You have exceeded the limit of queries allowed for your API key.

When the limit of queries allocated to the API has been exceeded.

- Invalid or expired API key.

When the API key in use is invalid or expired.

- A search query is required.

When a search query is not specified.

- false or an empty array ([])

When the search did not return any results.

File size too big! Consider removing some accounts from the file. We suggest searching for up to 100 accounts at once.

When the file you're using the bulk API with is too big. This is done to prevent malicious use, spam and possible system overload.