I suggest you ...

Add breaches that may be hoaxes, but make it clear!

Often there are "breaches" which turn out to be hoaxes. On the one hand, having only verified breaches in the system is important in terms of confidence in the data but on the other hand, people still want to know if their email address is circulating in a hoax breach.

This feature would need to indicate that the breach has not been verified and may be a hoax. It's also important that it wouldn't just automatically appear in results returned by the API, rather it could be requested by passing a parameter to the API such as "IncludeUnverifiedBreaches=true" where the default position when the parameter doesn't appear is "false". This would also necessitate returning an additional attribute in the API such as "IsVerified".

9 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
AdminTroy Hunt (CEO / Founder, Have I been pwned?) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base