Cit0day Breach Detection

Cit0day Breach Detection

Quick Summary

Cit0day had a massive data breach in November 2020, which leaked credentials for over twenty thousand websites. It is more complicated than usual to determine which credentials you need to change because there were so many websites involved in the breach.

You can use a tool we created to check which domains you need to change your password for.

Just navigate to the following link and follow the instructions:

The Problem

In November 2020, there was a massive data breach of the Cit0day service, which contained over 23,000 hacked databases. You read that right. 23,000 hacked databases, not 23,000 credentials. This was different than a typical data breach because Cit0day was a service that provided breached credentials to users for a fee (like Dehashed) rather than a service that stored user credentials for authentication (like Facebook).

This means if Cit0day stored your credentials for one of the 23,000 websites they had passwords for, your password would be compromised.

Services like “Have I Been Pwned?” allow a user to determine if their email address was involved in a data breach. Usually, this is extremely useful because the user can simply 1) type in their email, 2) see which breached websites their email was involved with, 3) and then change their password for those websites.

Cit0day is different. Many services like “Have I Been Pwned?” tell you that your credentials were compromised in the Cit0day breach, but don’t tell you which of the 23,000 databases your credentials were found in. This means that you have almost no recourse because you don’t know which website you should change your password for.

The Solution

Pensive Security has developed a tool that makes it easy to determine which websites you need to change your password for, based on the entries you have in your password manager (like LastPass or 1Password). The tool compares the list of domains included in your password manager with the list of domains included in the 23,000 Cit0day databases. If any matches are found, it will indicate the domains you need to change your password for. Then, all you have to do is go to that website, perform a password reset, and change it to a new, strong password.

You can find the tool at:

It is entirely free, and better yet, it runs entirely in your web browser locally and does not transmit any sensitive data away from your computer. To use the tool, navigate to the URL and follow the instructions.

If you want to check out the source code, you can find it here:

January 2021: Cybersecurity Roundup December 2020: Cybersecurity Roundup
Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now