Cit0day Mass Data Breach

cho-m · April 16, 2021, 11:45pm

Bitwarden will list breaches according to breach title that HIBP uses.

In this particular example, HIBP has labeled the breach "Title" as Cit0day

So, if HIBP detects your account has been breached, Bitwarden Data Breach Report will show Cit0day.

https://haveibeenpwned.com/api/v3/breach/Cit0day

Another example would be the breach Collection1
The breach title HIBP uses is Collection #1, so this is what Bitwarden would show.

https://haveibeenpwned.com/api/v3/breach/Collection1

Bitwarden detects breaches by using HIBP API for a specific account:

GET https://haveibeenpwned.com/api/v3/breachedaccount/{account}
Details: Have I Been Pwned: API v3

HIBP should have updated their database with information on breach, so Bitwarden Data Breach Report should show all breaches related to the account you search.

Not sure if there is any other “easy” way to search affected sites.

A more technical way might be to use the bitwarden-cli to possibly query your vaults domains and then compare with all affected sites.

Topic		Replies	Views
How to address "I was pwned" situation using Bitwarden Password Manager security , vault-health-reports	7	3040	January 7, 2023
Data breach report should search against all email addresses used in vault Password Manager app:all , vault-health-reports	38	11198	February 9, 2025
Vault Health Dashboard - All Reports should do automatic lookups and alerts Password Manager app:all , roadmap:planned , vault-health-reports	34	4456	August 17, 2025
Data Breach Report - Check Breaches - An error occurred trying to load the report. Try again Password Manager	7	4524	September 14, 2020
How to check for Data breach (Multiple accounts) Password Manager app:all , server:default-cloud	11	1657	January 14, 2025

Cit0day Mass Data Breach

Related topics