Several hundred million email addresses and passwords have been discovered on a British server. It contains previously unleashed passwords that are now available at Have I been Pwned.
The 225 million passwords were discovered by the UK’s National Crime Agency and the National Cyber Crime Unit on a UK server of an undisclosed cloud provider. The data appears to come from various data breaches, but the perpetrators are unknown.
The leaked data was handed over to Have I been Pwned (HIBP), the service of security specialist Troy Hunt where you can check if your password ever circulated anywhere online.
This now contains 613 million combinations of passwords and email addresses with the new addition.
On the one hand, you can look up whether your email address (and password) was involved in a data breach, or you can enter your password to check whether it has already been found publicly somewhere.