Business Use Cases

We offer a range of credential monitoring services to protect users from individuals, small to medium sized businesses, to large corporations. With the largest database of stolen credentials, you can identify and secure your accounts that are targeted by hackers, today. Companies, like LastPass, are already using our solution to secure hundreds of millions of end user accounts from the account hijacking attempts that plague all businesses.

Domain Monitoring

Want to monitor your entire domain for compromised accounts? We can do that. Our domain monitoring solution allows you to monitor multiple domains at once - so you can safelly monitor all your business accounts.


  • Web portal
  • Matching on emails or domains
  • 24/7 automated alerting
  • Access to historical reports


As an IT shop at a university, we don't necessarily have the luxury of ensuring all of our accounts are using good, difficult to guess passwords. We also have a highly transient population of accounts. The PwnedList service is great tool to give us a heads up on potentially compromised accounts, allowing us to take remedial action immediately on receipt of their notice.

Paul Stead at University of Victoria

Penetration Testing

PwnedList API can make your penetration testing easier and more successful. We've had numerous MSSPs use our API service and perform successful authentications against target machines without ever sending a packet through the network.


  • RESTful API
  • Access to sources metadata
  • Free existing open source frameworks
  • Access to historical reports


We use PwnedList with the Recon-ng framework at Black Hills Information Security and it has drastically increased our efficiency and effectiveness during the penetration testing process. At times, we've had valid authentication credentials before sending a single packet to the target network.

Tim Tomes at Black Hills Information Security

End-User Protection

PwnedList provides our customers with full access to our real-time data feed through a RESTfulAPI, so our customers can focus on protecting their end users, instead of spending precious resources trying to hunt down the latest list of stolen credentials.


  • RESTful API
  • Access to sources metadata
  • Localized instace of our data feed
  • Sample code and open source tools


The PwnedList End User Protection Service provided immediate value as soon as we connected to it. With this service in place, we are able to further protect the interests of our end users by leveraging the largest stolen credential database to alert them of potential threats. We wanted the most extensive data source we could find to power the LastPass Sentry feature, and PwnedList has it.

Cid Ferrara at LastPass
PwnedList