Account Takeover data
Account takeover data includes third-party account takeover records based on data acquired from the Arctic Wolf account takeover (ATO) monitoring service. These records provide details about third-party breach incidents and the user accounts involved.
The Account Takeover table includes this information:
|
Column |
Description |
|---|---|
|
Breach Description |
The description of the event. |
|
Breach ID |
The five digit identifier of the breach. |
|
Breach Time |
The date that the breach was detected, formatted in UTC. |
|
Confidence Level |
The degree of confidence in whether the account was breached. Possible values are Unverified and Confident. |
|
Customer |
Your customer ID. |
|
Customer UUID |
Your unique identifier. |
|
Deployment ID |
The ID of the Arctic Wolf appliance that detected this. |
|
|
The email address of the account that was taken over. |
|
Password Decryptable |
Whether the password is decryptable. Possible values are Yes or No. |
|
Password Type |
The type of password. For example, plaintext. This is often N/A. |
|
Publicly Disclosed Time |
The date that the breach was detected, formatted in UTC. |
|
Timestamp |
The time that the breach was detected.
Tip:
This field uses the date functionality in Analytics. This makes it easier to use for filtering. |