For HomeFor BusinessFor Partners
Industry News
1 min read

UK Law Enforcement Shares 585 million Passwords with Have I Been Pwned

Vlad CONSTANTINESCU

December 21, 2021

Promo Protect all your devices, without slowing them down.
Free 30-day trial
UK Law Enforcement Shares 585 million Passwords with Have I Been Pwned

The UK’s National Crime Agency (NCA) shared more than 585 million passwords collected during an investigation with the Have I Been Pwned (HIBP) service.

This makes NCA the second law enforcement agency to engage in this operation, after the FBI contributed millions of passwords to HIBP earlier this year.

The NCA’s National Cyber Crime Unit (NCCU) collected the generous library of compromised passwords during the investigation of various cyberattacks. HIBP added the passwords to the Pwned Passwords section of the website.

After importing and processing data received from the NCA, HIBP detected 225,665,425 completely new passwords, HIBP’s creator, Troy Hunt, said in a blog post.

He added that, even if the NCA were to submit less than half of the password collection, the contribution would have still been significant to the service’s efforts.

Now, keep in mind that before today's announcement, there were already 613M of them in the live Pwned Passwords service (and many millions more in my local working copy waiting for the next release), so the NCA's corpus represented a significant increase in size. - Troy Hunt

Reportedly, the NCA told Hunt that the passwords originated from a UK business-owned cloud storage location that perpetrators used to store compromised login credentials.

Furthermore, investigators believe the passwords were harvested from several data breaches and used by third parties in other cyberattacks and attempts at fraud.

Have I Been Pwned is a service that lets users check if their email address or phone number has been compromised by querying several data breaches. 27 governments rely on HIBP to regularly check user accounts to detect if any sensitive data has leaked into the public domain.

Currently, the collection of ‘Pwned Passwords’ on HIBP’s website totals 5.5 billion entries, with 847 million unique ones. The password library can also be downloaded for free, so individuals and companies can perform cross-checks against it locally, without an Internet connection.

tags

Industry News

Author

Vlad CONSTANTINESCU

Vlad CONSTANTINESCU

Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.

View all posts

Right now Top posts

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide
Scam Spam

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide

April 19, 2024

5 min read
Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

City street lights "misbehave" after ransomware attack
Industry News

City street lights "misbehave" after ransomware attack
Graham CLULEY

April 24, 2024

2 min read
13 People Involved in Spyware Banned from Crossing US Borders
Industry News

13 People Involved in Spyware Banned from Crossing US Borders
Filip TRUȚĂ

April 24, 2024

2 min read
GitHub Flaw Could Allow Threat Actors to Distribute Malware on GitLab
Industry News

GitHub Flaw Could Allow Threat Actors to Distribute Malware on GitLab
Vlad CONSTANTINESCU

April 24, 2024

2 min read

Bookmarks

loader