Law enforcement agencies including the National Crime Agency (NCA) and National Cyber Crime Unit (NCCU) in the UK have recovered a huge pile of stolen passwords and email IDs. These stolen passwords, recovered in the UK from a hacked cloud storage facility, impact internet users globally. The NCA said that it had recovered around 22.5 crore passwords and is ‘donating’ them to the database of ‘Have I Been Pwned’ (HIBP).
For those unaware, ‘Have I Been Pwned’ is a free online service that lets anyone check whether their password or email ID is leaked or not. For HIBP, this is the largest database that they received from the police and adds to the 61.3 crore stolen passwords that they already have in their database.
In a statement, the NCS said, “During recent NCA operational activity, the NCCU’s Mitigation@Scale team was able to identify a huge amount of potentially compromised credentials (emails and associated passwords) in a compromised cloud storage facility.”
Also read: Hacking Alert: Delete These 7 Apps From Your Android Phone Right Now
Why is this important
Leaked passwords are a ‘treasure trove’ for cybercrimnals. They can train their password-cracking algos with these passwords to accurately guess what your password could be for any online service including banking. With the police sharing these passwords with the ‘Have I Been Pwned’ website, you will at least get to know whether your password is already in the database of cybercriminals or not. If it is then you may want to change passwords of important services immediately before getting hacked.
How to check whether your password is stolen or not
To check whether your password or email ID is already accessible to cynercrimnals or not, follow these steps.
Go to the ‘Have I Been Pwned’ website: https://haveibeenpwned.com/
To check whether your email ID is safe or not: Enter your email ID and click on the ‘pwned?’ button. If it’s leaked then the site will warn you. You can also repeat the step for checking your phone number.
To check whether your password is stolen or not: Go to the ‘Passwords’ tab on the top part of the website and enter the password to see whether it’s compromised or not.
What to do if you get a ‘Pwned’ warning
If you get a warning message from the ‘Have I Been Pwned’ website, immediately change passwords and opt for something more complex and difficult to crack. Note that just because you get a warning message from this website doesn’t mean that your account is hacked. This website simply tells whether or not your email ID or password is already on the radar of cybercriminals.
For securing banking accounts, it is advisable to change your email ID if you find that it has been compromised. Also, never use the same email ID and password for social media and banking services.
Read all the Latest News, Breaking News and Coronavirus News here.