Have I Been Pwned (HIPB) is one website that allows users to check whether their email id or phone number has been compromised by any data breaches or not. The site has now partnered with the FBI which will give them access to an even bigger leaked passwords database based on the ongoing investigations.
In an official post, Troy Hunt, the creator of the website, mentioned that the FBI approached him asking, “what it might look like to provide them with an avenue to feed compromised passwords into HIBP and surface them via the Pwned Passwords feature.” Hunt further mentioned that “Feeding these passwords into HIBP gives the FBI the opportunity to do this almost 1 billion times every month. It’s good leverage”.
Bryan A Vorndran, Assistant Director, Cyber Division, FBI also confirmed the partnership saying, “We are excited to be partnering with HIBP on this important project to protect victims of online credential theft. It is another example of how important public/private partnerships are in the fight against cybercrime”.
However, Hunt mentioned that as of now there’s no way to feed passwords into the database yet.
Apart from this, the HIBP will go open source. Hunt announced around a year ago that he wants to make HIBP an open-source system to ensure the sustainability of the website. The HIBP is now officially an open-source project under the non-profit organization .Net Foundation.
Hunt mentioned that, “It’s also great timing because as I said earlier, it’s now an important part of many online services and this move ensures that anybody can run their own Pwned Passwords instance if they so choose.”