A request to access a computing resource of a computing resource service provider is determined to be associated with specious data previously generated by the computing resource service provider. Information about an entity associated with the request is determined from the request. The information is provided to a breach detection system as notification of a potential attack against the computing resource service provider.