news & Things

UK’s National Crime Agency Has Discovered 225m Unexposed Passwords

news & Things
wooden toy

04th Jan 2022

It’s come to light that the UK’s National Crime Agency (NCA) and National Cyber Crime Unit have recently uncovered a whole host of stolen passwords.

This was after Troy Hunt of ‘Have I Been Pwned (HIBP), fame announced he’d been handed them to add to his service which allows anyone to check if any of their credentials have been exposed.

Apparently, 585,570,857 passwords were shared by the NCA, with over 225,665,425 being passwords that HIBP had never seen before.

That takes the number of credentials that people can now check with HIBP to over 840 million (847,223,402 to be exact).

 

During recent NCA operational activity, the NCCU’s [email protected] team were able to identify a huge amount of potentially compromised credentials (emails and associated passwords) in a compromised cloud storage facility. Through analysis, it became clear that these credentials were an accumulation of breached datasets known and unknown. The fact that they had been placed on a UK business’s cloud storage facility by unknown criminal actors meant the credentials now existed in the public domain and could be accessed by other 3rd parties to commit further fraud or cyber offences.

National Crime Agency statement

 

The NCA haven’t revealed were these passwords came from or how they came to light (outside of their above statement).

 

Before today’s announcement, there were already 613 million passwords in the live Pwned Passwords service… so the NCA’s corpus represents a significant increase in size. Working in collaboration with the NCA, I imported and parsed out the data set against the existing passwords, I found 225,665,425 completely new instances out of a total set of 585,570,857. As such, this whole set (along with other sources I’d been accumulating since November last year) has all been rolled into a final version of the manually released Pwned Passwords data.

Troy Hunt – HIBP Founder

 

HIBP have also confirmed they’ve added a new ingestion pipeline which allows law enforcement agencies around the globe to mass upload compromised passwords, with agencices such as the FBI already availing themselves of the service.

More news & Things

More news & Things


James Crossland in Tech

400% Increase In Microsoft Teams Usage: Can This Bridge The Gap Between Frontline Workers & Their Managers?

Microsoft recently made changes to its Teams and Viva platforms ahead of the February 1st Cloud For Retail general availability – and published a report alongside the changes which outlines the challenges frontline workers are facing in 2022. According to Jared Spataro (Microsoft’s CVP for Modern Work), Microsoft defines a frontline work as “folks who […]


James Crossland in CENTRAL GOVERNMENT

Ukraine Target Of Sustained Hacking: Early Reports Point The Finger At Russia

Cyber Actors threatened citizens with the publication of their private data A number of government websites in the Ukraine recently came under fire from a sustained hacking attack on the 13th of January, which involved cyber attackers distributing menacing messages which appear to be aimed at intimidating Ukrainian citizens. A Facebook post by the Ministry […]


James Crossland in CENTRAL GOVERNMENT

West Mids Transport Chiefs Have Agreed Priorities For A £1.3bn Investment In The Region

A list of preferred priorities and schemes will now be submitted by the combined authority to the Department for Transport for final approval.   That £1.3bn of investment will be spent on over fifty different transportation improvement projects within the West Midlands, with a full list to be published as soon as the DoT have […]


James Crossland in CENTRAL GOVERNMENT

UK Government Removes Community Wealth Fund Amendment From Upcoming Bill

The UK Government have just removed an amendment from the upcoming Dormant Assets Bill that would allow for the creation of Community Wealth Funds… however acknowledged  there was a lot of widespread support for the concept.   The amendment, previously added by the House of Lords, was removed in the House of Commons during its […]


James Crossland in Non-Profit

Wales Has An Additional Duty To Climate Change Due To Its Coal Mining Past – Conservationist Claims

Leading Welsh NonProfit conservationist claims Wales has a ‘particular responsibility’ to help fight climate change due to its coal mining history.   Ru Hartwell, director of NonProfit Carbon Link, has recently been quoted as saying Wales ‘invented’ a model for industrial development based almost exclusively on exploiting fossil fuels.   Carbon Link runs a tree-planting […]


Chloe Smith in NonProfit

What Happens Once the Small Charities Coalition Closes Its Doors For Good?

A breakdown of what the closure of the membership body means for the more than 16,000 organisations it serves, and what the sector needs to consider following its impact. Small Charities Coalition announced in December that lack of funds has meant it will close in spring.   [We have] exhausted all possibilities to secure funding […]


Send us a Message






    Call cloudThing
    0121 393 4700
    DEVELOP • DYNAMICS • DEVOPS • DATA
    By pressing send you agree to our Terms & Conditions