Over 500 Million Credentials Exposed in an Unknown Cloud Server

UK’s National Cyber Crime Unit has found exposed cloud storage leaking a database worth 586 million sets of credentials, which are having mixed sources.

As they’re unable to find how they were compromised or to whom it belonged, they submitted the entire database to Have I Been Pwnd for good. While everyone in the world can now check for their compromised credentials in HIBP, this latest data submission reveals more astonishing facts.

Leaking 586 Million Passwords

As we hear a lot of database exposures these days, the latest one comes from UK’s National Crime Agency – the National Cyber Crime Unit this week. The unit has found and reported a database hosted on a UK’s business cloud storage, that has mixed sources of dump in it.

Over 500 Million Credentials Exposed in an Unknown Cloud ServerThe dump, overall, consists of nearly 586 million credentials! As they are unable to find to whom the database belongs too, the NCA asked Troy Hunt, the founder of Have I Been Pwnd website to check and save them for validation purposes.

The site Have I Been Pwnd collates all such comprised passwords from exposures and breaches and lists them anonymously in its database. This in return lets anyone in the world check if their credentials are a part of any previous hacks, so they can change them then at least.

Also Read- Pfizer Based Phishing Campaign in Wild

After submitting to Have I Been Pwnd, Troy Hunt surprisingly said that over a quarter of those leaked passwords are brand new! This could be a bounty for any cybercriminal who passed by and found the exposed server. Since when the database has been leaking them wasn’t known.

Adding the latest dump to Have I Been Pwnd, the total number of passwords available in the site’s database to check grows to an astonishing 5,579,399,834 count, with authorities like the FBI and NCA are given direct access to add more whenever they find new ones.

LEAVE A REPLY

Please enter your comment!
Please enter your name here