Credential breach detection

We help you discover leaked credentials online

The absolute easiest way into the core of a business and its information assets is through an employee’s username and saved password.

Look at the user information as a regular door key; if the key is suddenly outside the door – why bother to break in by creative means when you can simply just get a hold of the key unlock the door?

The password is the basis for a closed system, and the boundary between public and non-public information. But it isn’t primarily your own systems that are the problem, but what happens to other services and providers outside of your systems.

A common mistake is to reuse your user information, email and password, in several different places. The security risk arises when other services used by the employee are hacked, or leaked.

When the user information ends up in a general leak, it is available for anyone to collect and then use as a key to get inside the company. This is incredibly common, and due to just how common selling user data is today, user credentials cost only a few dollars on the black market.

Why Safestate?

Connecting a monitor to the organization’s domain address is an easy way to get alerted about leaks directly – before anyone has time to exploit it.

Our password monitoring service is integrated in Safestate where we continuously and actively search for new leaks with hijacked passwords, both automatically and manually in:

  • Dumped and leaked texts (pastebins)
  • Very protected forums on Darknet
  • Protected forums on Darknet and in Clearweb
  • The Tor netwok and I2P networks
  • P2P networks (dumped torrents)
  • Web directories on Clearweb
  • Databases for leaked data (MongoDB)
  • Cloud sharing services (Mega/Cloud drive)

Safestate’s signature, simplicity, also applies to password monitoring; all you have to do is fill out which domains you want to monitor and you’re all set. The first time you do this you’ll get a summary of possible leaks the data has already been involved in, and then you’ll be alerted as soon as the data is found in new leaks.

We are sometimes asked why the customer should use our service and not a free service. The answer is quite simple. We have the resources and systems to search actively and deeply. This means that we find more leaks, and we find them faster. We do not only search publicly – which means that the time from when the content of the leak is published or sold, to when an attacker tries to use the password in your systems, is miniscule. What follows is a comparison between the free service ”HaveIBeenPwned” and our service;



Leaked accounts

26 billion

10 billion

Number of leaks

5 000+


Can alert for new leaks



Searching in public, well-known leaks



Protects all email addresses under the same domain


Looking for/in hidden and concealed leaks


Automatically and actively searches for new leaks


Use for yourself, or with a partner

Our password monitoring is one of the most popular services among our partners. We believe that it is due to the fact that it is a concrete and clear service, which provides real added value and is also easy to understand.

The flexibility of the service means that you can adapt the content the customer receives according to which package they buy, e.g. tailor how much intelligence about the leaked information the customer can access according to their expressed needs.

Our partners often add password monitoring as part of a whole, e.g. in an insurance offer or in a service package with other IT and / or security solutions.

We also have partners who offer password monitoring as a separate service, such as the Swedish Confederation of Entrepreneurs below.

The Swedish Confederation of Entrepreneurs (Företagarförbundet) has started a collaboration with Safestate, which offers security solutions of varying degrees. Our basic offer together initially is a password monitor for your company’s email addresses.

Safestate continuously scans the web for the email addresses with the domain you registe, and warns you if your email addresses are “leaked” from any database. If this happens, you will receive a warning and can quickly change your passwords, thus keeping your accounts secure.

Mats Assarsson

Federal President