Security Expert Launches BreachClarity.com, A New Data Breach Response Tool

A new online tool “analyzes publicly disclosed data breaches and gives concrete advice to victims,” reported CNET last week. Now the site’s creator, data breach expert jimvandyke, is asking Slashdot’s readers for feedback: At BreachClarity.com, just enter the name of any data breach you were in (such as ‘Anthem’, ‘Equifax’, ‘Yahoo’, etc.), and click the bright green ‘search’ button. Every publicly-reported breach since January 2017 (and noteworthy older ones) are in the database, and eventually every publicly-reported breach will be in the database, thanks to my non-profit partner the IDTheftCenter.org (ITRC). Breach Clarity is now available for free in basic form to consumers, as a very simple UI sitting in front of a comprehensive algorithm of my own design.

The goal of Breach Clarity is to help people by demystifying how any new data breach creates identity-holder risk of identity theft, identity fraud, and other harms. My goal in creating Breach Clarity is to move past the myths and victim-blaming (for instance, my research finds that very few people are actually ‘apathetic’ or ‘lazy’ when it comes to security, and it’s simply not true that ‘everyone’s data is all already out there’ for any cyber-criminal who wants to commit fraud in another person’s name).

Breach Clarity uses dynamic research, technology, and design-thinking to protect people in the face of an onslaught of ongoing data breaches (The ITRC recorded 1,244 publicly reported US ones last year, leading to over $10B in annual identity crimes as reported by my former company Javelin Strategy & Research!)… If you like what you see, please use it and spread the word.


The original submission says the site’s creator is currently “a one-person pre-funded operation, aiming to create an advanced and more full-featured version of Breach Clarity that will be licensed for financial institutions and employers.” But if this is beta testing, there’s some great technical support. “If you’re confused by what you see, you can actually call the phone number in the upper right of BreachClarity and talk to a real person for free. You’ll reach my partner, the ITRC, who gets grant funding from law enforcement and foundations.”

CNET notes that “You can already find out if you’ve lost login credentials and other sensitive information by visiting Have I Been Pwned or Firefox Monitor. Breach Clarity takes things a step further by helping you decide what to do afterward.”