The Bitwarden Blog
How to use the Data Breach report in Bitwarden
We've reached a point in time when diligence has become the name of the security game. You can no longer sit back and assume everything is fine with your accounts and login credentials. Why? Because hackers are always finding new ways to break into accounts, which means data breaches are becoming the norm. According to Firewall Times, there were over 130 companies compromised in August 2022 alone. And that's only by way of the Oktapus Phishing Breach. In July 2022, a hacker posted data on 5.4 million Twitter users.
The more you dig into data breaches, the more you realize how important it is to keep tabs on your accounts.
Thankfully, Bitwarden has a handy tool to help keep you up to date with data breaches. Said tool is the Data Breach report and is available for individual vaults across all plans, including free. The Data Breach report tool identifies compromised data (such as email addresses, passwords, credit cards, dates of birth, and more). The Data Breach report uses a very popular (and widely accepted) service, called Have I Been Pwned to display any information regarding data breaches that involve any of your accounts.
The Data Breach report is available to any user with a Bitwarden account and is only accessible from the web-based interface (so you can't use it from either the desktop or mobile applications).
Let's find out how to use the Bitwarden Data Breach report.
Open your web browser of choice and log in to your Bitwarden account. After logging in, click Reports in the top toolbar (Figure 1).
In the Reports window (Figure 2), click Data Breach.
The Data Breach tool allows you to check any username or email address you use for various accounts. Type either a username or email address in the Username text area and click Check Breaches (Figure 3).
A word of warning, chances are really good you will find either your username or email address is associated with multiple breaches. When the report is displayed (Figure 4), each entry will include all of the details about the breach, including a link you can click to find out more.
Make sure to pay close attention to the list of Compromised data. For example, in a LinkedIn breach, the following data was scraped in 2021:
Social media profiles
That list could be much worse (as in Social Security numbers, phone numbers, date of birth, bank account numbers). If you see any such information listed, immediately change the password for the compromised account.
Speaking of which… the one thing you won't find in the report is detailed instructions on what to do in the event of a breach. However, that "what" is simple: change any password associated with a data breach listed in the report. This is an absolute must. When doing that, you should make sure to use the Bitwarden random password generator to create a new password (and save it in the entry within your Bitwarden vault).
Data breaches will happen and they will affect you. Make a habit of regularly checking the Data Breach report and any time you see one of your accounts listed, take action.
Jack Wallen is an award-winning author and avid supporter of open source technologies. He has covered open source, Linux, security, and more for publications including TechRepublic, CNET, ZDNet, The New Stack, Tech Target and many others since the 1990s in addition to writing over 50 novels.
On this page
Back to Blog