Make it possible to opt-out ex-employee addresses from domain search.
It would be nice to have an option to opt-out addresses of ex-employees from domain searches.
For exampel: I have a domain with 1200+ Apollo results. A lot (75%) of those addresses don't excist anymore. I have no problem with paying for HIBP (love the service), but 75% of the data isn't relevant anymore.
TMC Martijn Olislaegers
shared this idea
There are a number of reasons why this isn't a path I want to take, starting with philosophical: a data breach is an immutable event in time and HIBP is intended to represent that event as accurately as possible. Whether someone still works for the company or not doesn't change their exposure at that point in time in the past.
I also don't want to get into a cycle of effectively using HIBP as a triage service. I've had lots of requests in the past to do things like provide the ability to flag an address as having been reviewed post-breach and that's something that really should happen on the org side. This request is comparable to that insofar as the org would be changing the state of data in HIBP on the basis of what's happening internally within their company.
Hope that makes sense.