news & Things

UK’s National Crime Agency Has Discovered 225m Unexposed Passwords

04th Jan 2022

It’s come to light that the UK’s National Crime Agency (NCA) and National Cyber Crime Unit have recently uncovered a whole host of stolen passwords.

This was after Troy Hunt of ‘Have I Been Pwned (HIBP), fame announced he’d been handed them to add to his service which allows anyone to check if any of their credentials have been exposed.

Apparently, 585,570,857 passwords were shared by the NCA, with over 225,665,425 being passwords that HIBP had never seen before.

That takes the number of credentials that people can now check with HIBP to over 840 million (847,223,402 to be exact).

 

During recent NCA operational activity, the NCCU’s [email protected] team were able to identify a huge amount of potentially compromised credentials (emails and associated passwords) in a compromised cloud storage facility. Through analysis, it became clear that these credentials were an accumulation of breached datasets known and unknown. The fact that they had been placed on a UK business’s cloud storage facility by unknown criminal actors meant the credentials now existed in the public domain and could be accessed by other 3rd parties to commit further fraud or cyber offences.

National Crime Agency statement

 

The NCA haven’t revealed were these passwords came from or how they came to light (outside of their above statement).

 

Before today’s announcement, there were already 613 million passwords in the live Pwned Passwords service… so the NCA’s corpus represents a significant increase in size. Working in collaboration with the NCA, I imported and parsed out the data set against the existing passwords, I found 225,665,425 completely new instances out of a total set of 585,570,857. As such, this whole set (along with other sources I’d been accumulating since November last year) has all been rolled into a final version of the manually released Pwned Passwords data.

Troy Hunt – HIBP Founder

 

HIBP have also confirmed they’ve added a new ingestion pipeline which allows law enforcement agencies around the globe to mass upload compromised passwords, with agencices such as the FBI already availing themselves of the service.

More news & Things

More news & Things


James Crossland in Announcement, cloudThing

cloudThing Are Proud To Be Rebranding As Kerv Digital

Last year, cloudThing joined the Kerv Group to offer our clients even wider services, while allowing our amazing people to remain specialists and focus on what they really enjoy doing, building future.     It was a great fit right from the start as Kerv were always happy to challenge the norm and say they do things […]


Chloe Smith in NonProfit

Initiatives Underway to Improve Diversity In Environmental Workforce In The UK

Steps are being taken in the UK’s sustainability and environment professions to address the lack of diversity, as it stands less than 5% of professionals in organisations within the sector identify as being from minority ethnic backgrounds. The steps involve a data drive, asking the UK’s environmental NGOs and charities to annually report on the […]


Chloe Smith in Health Sector

Billions To Be Raised By Health And Social Care Levy, Massive Reforms To Adult Social Care Underway

COVID backlogs and reforms to adult social care underway with the Health and Social Levy implemented to raise billions. The Health and Social Care Levy has commenced from Wednesday 6th April in order to raise the billions needed for the COVID backlog, as well fund reforms to routine services. In total, £39billion will be implemented […]


Chloe Smith in CENTRAL GOVERNMENT

NATO Identifies Emerging And Disruptive Technologies – UK To Headquarter The Defence Innovation Hub

NATO to implement the DIANA programme to maintain technological advantage: UK and Estonia to partner on the programme. Critical technologies will be seeing transatlantic cooperation, as the UK is set to be the host of the European HQ of the Defence Innovation Accelerator (DIANA), a programme set for NATO allies to accelerate, test, evaluate and […]


Chloe Smith in Transport

New Bus Scheme Set To Increase Public Transport Use by 10%

20% to 40% ticket price reduction on Cornish buses backed by £23.5m government grant A pilot of cut-fare prices has begun in Cornwall, allowing residents and visitors to enjoy cheaper prices around the far south-west of England. The county has benefitted from a ticket price reduction of between 20% and 40% to incentivise more people […]


Chloe Smith in NonProfit

Legal Proceedings Issued After National Lottery Licence Announcement

For the first time since The National Lottery started, Camelot will not be Preferred Applicant for the National Lottery licence.   A legal battle has been issued by National Lottery operator, Camelot, against the Gambling Commission after it was revealed that Allwyn Entertainment UK was its Preferred Applicant for the fourth National Lottery licence – […]