def rule(event):
    if event.deep_get("riskEventType", default="") == "leakedCredentials":
        return True
    return False
