Protect your customers today against account takeovers, online buying and selling fraud and identity theft.

GB leaked data

unique credentials

.nl email addresses

The possibilities

With the CredSieve™ service, we offer our customers the opportunity to recognize and reinforce vulnerable login details of their customers, clients, patients or employees. With CredSieve™ the online leaked databases with usernames and passwords have been made searchable. We map the leaked login details of your important user accounts for you, so that you can immediately protect them.

Below you can find the various service options.


Price per month: € 139,90
Price per email-address: € 0,00049

  • The leaked login data is filtered using a list of email addresses from your environment.
  • Validating password hashes, such as md5, sha, or bcrypt, is not supported.
  • You still have to validate yourself whether the relevant leaked login data works on your environment.


Price per month: € 239,90
Price per email-address: € 0,00079

  • The leaked login data is filtered and validated on the basis of a list of email addresses and password hashes.
  • Standard hashes, such as md5, sha, or bcrypt, are supported during validation.
  • You no longer have to validate yourself whether the relevant leaked login data works on your environment.

For a filteraction, a minimum calculation of 250,000 email addresses per filter action applies.

Would you like to know more about our services? Then contact us by phone. Or just send us an email and we will contact you as soon as possible.

Frequently Asked Questions

We have elaborated many questions regarding CredSieve™ below. If you have more or other questions, please do not hesitate to contact us. We are happy to assist you!

What is the just cause of CredSieve™?

We think it is extremely important that everyone in the online world is safe and will not become a victim of cybercrime. In the online world that we strive for, there is no more fraud, extortion and scams, and identity theft is also a thing of the past.


These criminal activities very often start with the misuse of login details that have become public in a data breach. The criminals then log in with that data on other websites where that account also exists. These are also called account takeovers. This unimaginably large volume of login data can be freely downloaded and used by cyber criminals.


And organizations are often left behind. Criminals misuse the leaked login details to commit online purchase and sales fraud, to take over identities or, for example, to try to get ransomware into the organisation. With ransomware, an organization can be extorted for payment of a penalty after the criminals have locked all data of the organization.


We give our customers the opportunity to use the same amount of leaked login data to protect themselves, but also their customers, clients, patients or employees. With CredSieve™, we therefore help organizations to map and tackle the vulnerability of account takeovers.


Of course we know that the perfect world cannot be realized. But we will do everything we can to get as close as possible to it.

How did the name CredSieve™ come about?

The name of our service is CredSieve™. This is a merger of Credentials and Sieve. And sieving credentials is exactly what we do for our customer.

As a private individual, can I also use this service?

No, unfortunately we don’t allow that. We only provide this service to legal entities registered with the Chamber of Commerce. This is because we want to prevent the login data from being processed for any purpose other than protecting our customers’ customers and employees.


U can, however, check via this website of the Dutch Police if your email-address has been found during criminal investigations.

What about my login details?

If your login details occurred in one of the data leaks in the past, there is a chance that it also occurs in the dataset of this service. Think of data leaks at LinkedIn, Adobe, MySpace, and many others.


When you are curious whether your login details appear in the dataset, you can send an email to [email protected]. You must then send the email from the email address you wish to have checked. Of course we do a technical validation whether the email really comes from you.


If the email sent is legitimate you will be added to the list. Within approximately 4 weeks you will receive any information that we have in our database free of charge. We will only send a message back to the address from which an email was sent to us. If we have no data, you will of course also hear that.


You will then have the opportunity to change the leaked password wherever you are still using it. Make sure you use a unique password per account, and that you do not share the password with others. This way you protect yourself against fraud and identity theft.


Please note, we will not email you on our own if your email address appears in the dataset. You will have to be the first to send us an email. We only process requests from private email addresses.

How does the service actually work?

In short, the process works as follows. Our client uploads a list of email addresses to our Cloud storage. We will then compare the supplied list with the list of online and publicly available leaked login data.


We collect all similarities between the two lists in a new dataset. This dataset can be downloaded by our customer for a limited time, after which it is permanently deleted. After downloading, our customer can immediately get started to verify whether the filtered login data actually works on their own website.


And if the login data does indeed work, our customer can immediately protect the account against account takeovers.

What are the costs for using this service?

The costs are made up of two elements. The first concerns the fixed monthly subscription costs. These are for maintaining the environment, but of course also the support that is included in our service.


The second concerns the costs per filter action. With a minimum purchase, the costs are calculated on the basis of volume. All costs are completely independent of the dataset that you receive from us.


For more information about the price and contract details of this service, please feel free to contact us. We can already tell you that by preventing approximately one case of fraud per month, the costs for the service have already been recouped. And your customer is also better protected!

How are the login data collected?

We “simply” download the login data from the Internet. Think of publicly available hacker forums and similar sources. In this way we have built up our entire dataset, but we are also continuously expanding it.


By the way, we do apply one very important principle. And that is that we will never, ever, ever buy leaked login details. We will never reward the provider of leaked data for it in any way. After all, rewarding crime should never be the result of our work. And this principle is non-negotiable.


Downloading is of course not the only action we take. Such downloads are often full of corrupt files that we first completely clean of errors and de-duplicate before adding it to the total dataset. It is also true that we do not try to crack password hashes. We therefore only use the data as it can already be found online.

Are the data processing operations carried out in the EU?

Yes that’s right. Our service and all associated data processing takes place in Amazon’s data center in Frankfurt, Germany.

What can be said about the size of the dataset?

We may share the following statistical information about our dataset with you.

  • Total database size: 107.1 GB
  • Number of unique:
    • login details (combination of email address and password): 3,584,623,380
    • email addresses: 2,428,354,667
    • passwords: 982,644,811
  • Number of email addresses per TLD (country):
    • The Netherlands (.nl): 6,856,017
    • Belgium (.be): 3,451,216
    • Luxembourg (.lu): 87,600
    • Germany (.de): 128,467,050
    • European Union (.eu): 5,606,073

• • •