Data Breach Detector
FreeNot checkedA read-only breach-intelligence MCP server that checks domain breaches, provides recent breach news, and assesses threat text from public feeds.
About
A read-only breach-intelligence MCP server that checks domain breaches, provides recent breach news, and assesses threat text from public feeds.
README
data-breach-detector
A read-only breach-intelligence MCP server. It answers "has this domain been breached, what's the recent breach news, how severe is this threat text" from public threat-intelligence disclosure feeds — and reports intelligence, not contents: the existence, timing, scale, category and exposed data-types of a breach, never the leaked records themselves.
Built for defenders. Comparable in spirit to HaveIBeenPwned's own directory.
What it does not do
- No arbitrary URL fetch, no crawl, no proxy — no general scraping primitives.
- No
.onionmarketplace access, no transactions. - Never returns the raw text of a dump, paste or leak. A redaction layer strips emails, hashes, IPs, crypto addresses and credential-shaped tokens from every string returned.
Sources (public, no key)
- HaveIBeenPwned
/api/v3/breaches— the public breach directory: domain, breach date, pwn count, and the categories of data exposed. - ransomwatch (
joshhighet/ransomwatch) — public ransomware leak-site tracker.
Tools
| tool | what it returns |
|---|---|
breach_news(since_days, sector, limit) |
recent disclosures — entity, date, scale, exposed data types, severity |
check_exposure(query) |
does a domain/company appear in breach data — yes/no + metadata |
assess_threat(text) |
classify a piece of security text — level, categories, action (no network) |
feed_sources() |
which feeds are aggregated + cache freshness |
Run
pip install data-breach-detector
data-breach-detector # stdio (for MCP clients)
data-breach-detector --http # streamable-HTTP on 127.0.0.1:8790/mcp
Or point an MCP client at the config:
{ "mcpServers": { "data_breach_detector": {
"command": "data-breach-detector"
} } }
License
MIT. The breach data belongs to its sources (HaveIBeenPwned, ransomwatch); this tool only aggregates their public disclosure metadata, with attribution.
Install Data Breach Detector in Claude Desktop, Claude Code & Cursor
unyly install data-breach-detectorInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add data-breach-detector -- uvx data-breach-detectorFAQ
Is Data Breach Detector MCP free?
Yes, Data Breach Detector MCP is free — one-click install via Unyly at no cost.
Does Data Breach Detector need an API key?
No, Data Breach Detector runs without API keys or environment variables.
Is Data Breach Detector hosted or self-hosted?
A hosted option is available: Unyly runs the server in the cloud, no local setup required.
How do I install Data Breach Detector in Claude Desktop, Claude Code or Cursor?
Open Data Breach Detector on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Data Breach Detector with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
