Mind the Gap in Your Verification Analysis

Bridging the Divide Between Breach Data and Actionable Intelligence

It has been a year since the massive AT&T data breach shook the digital landscape, an incident affecting 73 million current and former customers stretching back to 2019. While the $177 million settlement and the offer of complimentary credit monitoring may signal closure for AT&T, for the individuals affected and every other business online, this event could be only the beginning.

Once customer data enters the dark web, its impact reverberates for years. This data is bought, sold, and repurposed time and again in countless fraud schemes. Breach data is a point in time, static indicator of what a user’s credentials were on a site. As time passes it becomes less and less accurate as users could have closed their account or changed their password. This leads to lots of false positives when relied on to detect compromised accounts. In fact, industry estimates suggest that business losses from false positives reach an astonishing $300–$400 billion each year.

While breach data informs risk assessment systems during credential verification, it cannot stand alone as the ultimate arbiter of trustworthiness. It requires supplementary evidence to provide a holistic determination. Informative, yes, but rarely actionable by itself.

By contrast, integrating live data, information that demonstrates not only past compromise but that a fraudster is actively and or successfully using the credentials, transforms risk assessment, essentially bridging the gap from suggestive to actionable. Live data is rooted in real evidence, tracking accounts actively exploited by bad actors, and remarkably, it delivers zero false positives in relation to “we know the bad actor is using your data”.

The difference may seem nuanced, but this gap can make a big difference in how businesses respond to perceived risk. With over 12,000 data breaches reported last year alone, nearly everyone has faced exposure over the past decade, often more than once. If every breached account were classified by businesses as high risk, the result would be universal step-up authentication, an expensive, tedious, and frequently insulting process for customers.

A smarter approach combines breach data with live actionable intelligence, painting a clearer, more precise picture of the risk tied to each account, be it customer, employee, or vendor. This enables organizations to make judicious decisions about who merits additional verification or deserves to be declined outright. That’s why at myNetWatchman, we built our credential screening service to collect and combine breach data with actionable live data from multiple sources.

Prioritizing the use of live data can help bridge the gap between mere information and genuine security.

How Can myNetWatchman Help?

For more than a decade, myNetWatchman has been at the forefront of live data tracking, empowering organizations to anticipate and mitigate bad actor activity. With a dataset exceeding 38 billion credential pairs, growing by 15 million new entries daily, and available within seconds of detection, myNetWatchman offers unparalleled clarity into the risks associated with every user account.