Blog

Dec 24, 2021

Half-Billion Compromised Credentials Lurking on Open Cloud Server

Posted by in category: cybercrime/malcode

A quarter-billion of those passwords were not seen in previous breaches that have been added to Have I Been Pwned.

According to the National Crime Agency’s National Cyber Crime Unit in the U.K., nearly 586 million sets of credentials had been collected in a compromised cloud storage facility, free for the taking by any cybercrime yahoo who happened to stop by.

The credentials were a mixed bag in terms of sources, and it’s not clear how these passwords became compromised. But because they couldn’t be linked to a specific company, the NCA tapped Troy Hunt, creator of the Have I Been Pwned (HIBP) website and a Microsoft regional director, to check the passwords against the HIBP database of compromised passwords.

Comments are closed.