Troy Hunt, the founder of Have I Been Pwned, has announced that the FBI and the UK’s National Crime Agency, have helped the site to boost its hacked passwords database. The FBI is providing an Ingestion Pipeline which will allow HIBP to add passwords to its database that the FBI uncovers in investigations while the NCA has provided a database of 225 million passwords.
By adding more compromised passwords, HIBP users will be able to check their accounts against a larger number of breaches. If you find that any of your passwords have been compromised, you should change your login details on the breached websites as well as any other websites that use the exposed passwords. Luckily, web browsers make this job very easy now because they all have in-built password managers that generate secure and unique passwords.
According to the NCA, the 225 million passwords it found were located on a UK-based business cloud storage facility by unknown criminals. It said as these passwords were in the public domain and could be exploited by bad actors. To help fight against their misuse, the NCA provided HIBP with the passwords so people can check to see if their accounts are secure.