Jump to content

UK law enforcement donates 225 million stolen passwords to haveibeenpwned.com

Acerazus
By Acerazus
in Tech News
 Share
Posted

Summary

 

UK law enforcement has donated a tranche of 225 million unique passwords to a cyber-security project helping to protect users from hacking.

The National Crime Agency (NCA) recovered the database from cyber-criminals who had collected real users' email addresses and passwords.

That list has been added to free online service Have I Been Pwned (HIBP).

 

Quotes

Quote

Troy Hunt, the security researcher who runs the site, announced on Friday that it now has a "pipeline" function for law enforcement to add passwords they have recovered to the service.

"The premise is simple," he wrote in a blog post.

"During the course of their investigations, they come across a lot of compromised passwords, and if they were able to continuously feed those into HIBP, all the other services out there using Pwned passwords would be able to better protect their customers from account takeover attacks."

 

My thoughts

It's good to see this happening. I don't really have much to say myself but I'm sure someone is going to have fun looking up to see if their passwords have been pwned with this update.

 

Sources

UK donates 225 million stolen passwords to hack-checking site - BBC News

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Just double checked, and my root password for a lot of the passwords I made back in the days where I was young and foolish and then was too lazy to change later on, is safe.

Yea bottom line: Use a good password manager.

"A high ideal missed by a little, is far better than low ideal that is achievable, yet far less effective"

 

If you think I'm wrong, correct me. If I've offended you in some way tell me what it is and how I can correct it. I want to learn, and along the way one can make mistakes; Being wrong helps you learn what's right.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

image.png.a1a0f8eb755fa537ce3be8c243a7dfa8.png

 

oopse... what do i do? i have a something to tell yall, i only have 2 passwords the one used here was well used a lot..... 

|:Insert something funny:|

-----------------

*******

#

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hey - I have the same password for my luggage!
112374189_Presskroob.png.3321b80c3a85f709a25d2831a640fbcd.png

"If you ever need anything please don't hesitate to ask someone else first"..... Nirvana
"Whadda ya mean I ain't kind? Just not your kind"..... Megadeth
Speaking of things being "All Inclusive", Hell itself is too.
 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, adarw said:

image.png.a1a0f8eb755fa537ce3be8c243a7dfa8.png

 

oopse... what do i do? i have a something to tell yall, i only have 2 passwords the one used here was well used a lot..... 

 

Change it. Oddly shoved in my main email and most used pasword before i got a password manager, 3 hits for my e-mail, none for the password. Cool.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Nice that they're making it easy with this "pipeline," which can help people become better aware of potential issues in the future.

 

My main sign-up account from high school (2000), that I still currently use, shows 22 breaches, no pastes. Roughly half are from collections/spam lists. The rest are from services I rarely used, or just old stuff like Myspace, HLTV.org, Trillian, etc...

My Classifieds Thread

 

Link to comment
Share on other sites
Link to post
Share on other sites
  • 3 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×