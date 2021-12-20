5.5 BILLION passwords have been hacked on Facebook, Google, and Hotmail – here’s how to protect yourself.

Have I Been Pwned (HIBP) estimates that at least 5.5 billion email addresses and passwords have been compromised globally.

The UK National Crime Agency (NCA) recently provided 585 million of those passwords after a major security breach was discovered.

225 million of the breached passwords provided by the NCA were “completely new,” according to HIBP creator Troy Hunt, who is also a Microsoft Regional Director.

The compromised passwords, as well as their associated email accounts, were discovered in a UK cloud storage facility, according to the NCA in a statement shared with Hunt.

According to the NCA, “it became clear through analysis that these credentials were an accumulation of known and unknown breached datasets.”

“Because they were placed on a UK business’s cloud storage facility by unknown criminal actors, the credentials were now in the public domain and could be accessed by other 3rd parties to commit further fraud or cyber offenses,” they added.

The newly acquired compromised passwords, which have yet to be linked to a specific company or platform, can be viewed on HIBP’s website in the “Pwned Passwords” section.

This section allows businesses and system administrators to see if their passwords have been compromised by hackers and if they appear on threat actors’ third-party lists.

After the US Federal Bureau of Investigations launched a similar investigation into HIBP in May 2021, the UK law enforcement agency is now the second to collaborate with the website.

If a hacker or threat actor gets their hands on your credentials, they can do a lot with them.

To begin with, they may sell your information to other threat actors.

Hackers may try to access your other accounts if you reuse your logins for multiple sites, a tactic known as “credential stuffing.”

Credential stuffing usually targets accounts with payment information and results in “account takeover” and identity theft.

Finally, threat actors may attempt to obtain credit card information from you using your credentials in phishing schemes or even extortion.

Visit the HIBP website to see if your email has been hacked.

You can use the “Pwned?” search bar to enter your email address or phone number.

If your credentials have been compromised, the website will show you all known data breaches associated with that email address.

You can use 1Password’s software to protect yourself, which generates and stores strong passwords for each website.

It's also a good idea to enable two-factor authentication for your 1Password credentials

