A system and method includes at an authentication platform that is implemented via one or more computing servers: identifying compromised credential data, wherein compromised credential data comprise compromised credentials for one or more compromised accounts that have been exposed to a malicious actor via an illegitimate method, the compromised credentials including credentials that are useable for authentication to or for accessing the one or more compromised accounts; testing the compromised credentials, wherein testing compromised credentials includes using the compromised credentials to determine a useablility of the compromised credentials to attack one or more different accounts from the one or more compromised accounts; and modifying account access associated with one or more of (i) the one or more compromised accounts and (ii) the one or more different accounts.