Millions Of Stolen Passwords Donated To Hack-Checking Site

Share post:

The National Crime Agency (NCA) of the U.K. has donated around 225 million unique passwords to a cybersecurity project designed to protect users from hackers.

The list is now part of the free online service Have I Been Pwned (HIBP), which allows anyone to search hundreds of millions of passwords to see if they are already being used by criminals.

Troy Hunt, the security researcher who runs the site, said it now has a “pipeline” feature for law enforcement to add passwords they have recovered to the free online service.

“During the course of their investigations, they come across a lot of compromised passwords, and if they were able to continuously feed those into HIBP, all the other services out there using Pwned passwords would be able to better protect their customers from account takeover attacks, ” Hunt said.

An attack on an account occurs when a hacker obtains the username and password for an online service and is able to take control of the account.

Hunt also said that the U.S. FBI and the U.K. NCA are now able to contribute to the open-source systems his team has built, and thanked the NCA in particular for the “donation” of 225 million new passwords.

The NCA urges users to search the website for their own passwords. If the password appears in the database, the user is strongly advised to change it, as this means his account is already in the hands of cybercriminals.

NCA’s National Cyber Crime Unit officer Chris Lewis-Evans said the large list of compromised passwords was the largest ever recovered by the NCA – more than two billion pairs of emails and passwords.

These 225 million passwords now comprise the “donation” to HIBP.

For more information, read the original story on the BBC.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for the week ending Friday, Sept. 29, 2023

This episode features discussion on October Security Awareness Month, ransomware, teenage hackers and the start of hearings into proposed Canadian privacy a

Admins urged to quickly patch holes in WS_FTP file transfer server

This is the fourth file transfer application -- and the second from Progress Software -- to recently face critical vulne

Cyber Security Today, Sept. 29, 2023 – Protect your routers from this attacker, new open-source malware packages found, and more

This episode reports on a China-based group that specializes in hacking branch office routers of major

Champagne squeezed to produce proposed amendments on privacy, AI bills

Opposition gives government five business days to produce proposed

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways