Coalition Exposure Tool
Customer records and confidential documents are being exposed on publicly available platforms every day — often long before a breach is ever declared. Check now.
The Coalition of Cyber Investigators continuously monitors publicly available locations using proprietary OSINT workflows and cutting-edge investigative tools and techniques.
Whether the exposure is your organisation’s to manage, or you’re acting on someone else’s behalf.
CISOs, risk, compliance and fraud leaders, general counsel and the board. Establish quickly whether your organisation’s documents and customer data are exposed, understand the risk, and act on evidence rather than assumption.
Legal, insurance, forensic and advisory teams. Check a client’s or member’s exposure, and commission a full intelligence report to support your work.
How The Coalition of Cyber Investigators identifies exposed documents
We monitor publicly available locations using proprietary OSINT workflows and cutting-edge investigative tools to detect exposed customer data and confidential business documents.
Exposed documents are catalogued by type, source location, and a sanitised description of visible PII — without revealing sensitive data.
Organisations receive a detailed report to help investigate the breach, remediate exposure, determine reporting obligations, and protect both customer data and their reputation.
Our investigative techniques consistently surface exposed documents that commercial cyber threat intelligence feeds have failed to detect. In many cases, the material we identify has been publicly accessible for years — sometimes in excess of 15 years — yet remained entirely invisible to conventional monitoring solutions. This gap between what standard tools report and what actually exists in the public domain is precisely where organisational risk quietly accumulates.
This tool is maintained by The Coalition of Cyber Investigators — a global think-tank uniting leading experts in investigations, cybercrime and OSINT. Its founders bring over 110 years of combined experience.
Co-founder (United Kingdom)
A recognised authority in cybercrime, digital forensics and complex investigations with 40+ years’ experience. Founder of eCrime Intelligence and an expert witness in formal proceedings worldwide.
Co-founder (Philippines)
40+ years in investigations, cybercrime and OSINT. A former Scotland Yard officer who set legal precedents in internet investigations, a former Big Four Forensic practice leader, and headed Deloitte’s Forensic practice in the Philippines.
Founding Member (Hungary)
Almost 30 years in cyber forensics and investigations. Former Big Four leader who headed Deloitte’s Central Europe Cyber Security practice for 14 years.
Beyond this tool, The Coalition of Cyber Investigators offers a range of services to organisations whose data has been exposed — all led by experienced investigators.
Hands-on investigations led by experienced investigators, not automated scans. We examine an organisation’s publicly exposed footprint in depth, map where compromised material is surfacing, and report our findings clearly so decision-makers can act on evidence. Where genuine data surfaces, we can conduct independent internal investigations to establish whether an organisation has been compromised from within — combining interviews, digital forensics and open-source intelligence analysis.
A full, sanitised intelligence report on the exposed material linked to a named organisation — going well beyond the sample shown here, so leadership can see the fuller picture and act. Where required, the report can also feed your takedown and reporting activities.
Continuous surveillance with alerts when new exposed material appears, rather than a single snapshot in time.
Formal, documented findings suitable for use in disputes, regulatory matters and due diligence — supporting legal advisers and their clients.
A structured assessment of how exposed documents and data could be exploited against an organisation and its customers — helping identify vulnerabilities and prioritise the controls that reduce fraud risk.
We believe credibility comes from being clear about what we do, how we do it, and what we deliberately do not claim.
Everything we catalogue is found on publicly accessible platforms. We do not hack, intrude, or access anything that is not already openly available.
Our role is to identify and report where material is exposed — not to collect or hold it.
Sensitive personal data is redacted. What appears on this tool is a description of what exists, not a clear republication of it.
The presence of a document — genuine or fabricated — is a reason to investigate, not a conclusion. We report what we find and why it warrants attention.
Whether a document is authentic or not can only be determined by the institution whose brand it bears, through checking against its own internal records. That determination rests with the company concerned, not with us. We are, however, available to provide independent, expert support if required.
Disclaimer: The information provided by this tool is based on open-source intelligence research and is intended for informational purposes only. It does not constitute legal, regulatory, or cybersecurity advice. Before taking any action based on these findings — including but not limited to breach notification, regulatory disclosure, or remediation — organisations must independently verify all material against their own systems and records. Publicly exposed documents may include both genuine data breaches and fabricated artefacts originating from Fraud-as-a-Service operations. The Coalition of Cyber Investigators makes no warranty as to the accuracy or authenticity of individual findings and accepts no liability for actions taken without prior independent verification. Should you require guidance on interpreting or acting upon these findings, The Coalition of Cyber Investigators is available to advise.