A recent update to the HaveIBeenPwned.com breached password list now puts the total known compromised passwords at over 1.2 Billion. Netwrix has updated it’s HIBP updater to reflect this addition.
Some useful and interesting information:
-
The Netwrix Database now takes 16.78 GB of drive space. So customers are urged to consider capacity before running the updater or checking the drive space if the updater is run on a schedule.
-
The update comes from a Telegram channel holding infostealer data called ALIEN TXTBASE and was added on February 25th.
-
This is the single largest update in HIBP.com history.
-
Checking for passwords that are not blocked by other rules in PPE is the key value of the compromised password checking. Since checking for good passwords that are re-used and subsequently breached is the main goal of this feature, freshness is key.
-
Customers that haven’t already, should head to the HIBP Updater tool in the Compromised rule and get the latest refresh.
More information about the source of these breached passwords can be found on Troy Hunt’s (owner of HaveIBeenPwned.com) blog.