Law enforcement companies in the UK, including the Nationwide Crime Company (NCA) and the Nationwide Cyber Crime Unit (NCCU), have seized a large pile of stolen passwords and electronic mail IDs. This stolen password, recovered in the UK from a hacked cloud storage facility, has an impact on web users globally. The NCA said it had recovered about 22.5 crore passwords and was “donating” them to the Have I Been Pwned (HIBP) database.
What services does HIBP provide?
For these strangers, ‘Have I Been Pwned’ is a free online service that lets anyone check if their password or electronic mail ID has been leaked. For HIBP, this is the most important database they have obtained from the police and they have already recovered 61.3 crore stolen passwords from their database.
In a statement, NCS stated that “in the current NCA operational exercise, NCCU’s Mitigation @ Scale Workforce was in a position to determine the huge amount of undoubtedly compromised credentials (email and associated passwords) in the compromised cloud storage facility.”
Why is this necessary?
Leaked passwords are a ‘treasure’ for cyber criminals. They will practice their password cracking algos with this password to get an accurate idea of what your password might be for any online service including banking. Since the police have shared this password on the website ‘Have I Been Pwned’, you will at least know if your password is in the database of cyber criminals. Even so, owning one is still beyond the reach of the average person.
How to check if your password has been stolen?
To check if your password or electronic mail ID is already available to criminals, follow the steps below.
1. Visit the ‘Have I Been Pwned’ website: https://haveibeenpwned.com/
2. To check if your e-mail ID is secure, enter your e-mail ID and click ‘pwned?’ Click on the button. Positioning will warn you if it is leaked. You can repeat this step to check your cellphone quantity.
3. To check if your password has been stolen: Go to the ‘Password’ tab at the top of the website and check by entering the password there.