SpyCloud Guides
spycloud.comGet a demo
Start typing to search…

Understanding Data Sources

Data Sources Powering SpyCloud Investigations

SpyCloud’s Investigations solutions are powered by a rich, diverse set of underground and open-source intelligence, enabling deep visibility into cybercriminal activity. Our proprietary collection methods surface compromised data types that extend far beyond traditional breach corpuses – offering investigators the critical context needed to link identities, map threat actor infrastructure, and uncover the full extent of exposure.

📦 Data Sources at a Glance

🔓 Data Breaches

A breach occurs when an organization’s user data – like usernames, emails, and passwords – is exposed or stolen, often through vulnerabilities or hacking incidents. This data is later found in public or underground databases.

🪫 Infostealers

Infostealer malware, like RedLine, infects individual computers and secretly captures sensitive information such as saved passwords, cookies, and autofill data. Unlike breaches which come from a centralized hack, infostealers operate on infected endpoints and steal data directly from unsuspecting victims. Often, victim computers are infected through malicious downloads, such a game cheat or file falsely represented as a software patch.

🎣 Phishing

Phishing attacks trick users into giving up credentials or personal information by masquerading as trustworthy sources through fake emails or websites. Phished data often leads to credential exposure and unauthorized access.

📑 Combolists

Combolists are large collections of username and password pairs gathered from multiple breaches and leaks, often consolidated into lists used for credential stuffing and automated account takeover attempts.

🧪 Password Cracking

SpyCloud internally cracks passwords from breached or stolen data with the assumption that if SpyCloud can crack them, attackers likely can as well. These cracked passwords reveal plaintext credentials, enabling the linkage of accounts across breaches, infostealer infections, phishing incidents, and combolists – uncovering broader exposure and threat patterns.


💡MORE ON DATA SOURCES

Want to learn more about our data? Explore our data.

Updated 3 months ago