The UK's National Crime Agency shared more than 585 million hacked codeς accesss that he identified during investigations with the Have I Been Pwned, a site that indexes data from security breaches.
The NCA is the second law enforcement agency to officially supply HIBP with leaked passwords after the US Federal Bureau of Investigation launched a similar partnership with page in May.
In a blog post today, HIBP creator Troy Hunt reported that 225 million of the NCA password breaches found were new and unique.
These passwords have been added to a section of the HIBP website called Pwned Passwords. This section allows companies and system administrators to check and see if their current passwords have been compromised in hacks or if they are part of public lists used by hackers in attacks brute-force and password-spraying.
The HIBP Pwned Passwords collection currently includes 5,5 billion entries, of which 847 million are unique passwords.
Hunt reported that the NCA found the compromised passwords, combined with email accounts, on a cloud account in the United Kingdom.
"Through the analysis, it became clear that these credentials were an accumulation of infringed sets of known and unknown data." said the NCA in Hunt.
The NCA said it was unable to identify or assign compromised email and password combinations to any particular platform or company.
"The fact that they were placed in the cloud storage facilities of a UK company by strangers means that the credentials are now public and can be used by third parties to commit further fraud or cybercrime," the agency added. justifying her decision to share the data with Hunt.