Over the past few years, Have I Been Pwned has proven to be a valuable way to determine if your email address is connected to the increasingly prevalent database breaches and leaks. Despite having operated autonomously for years, and after some unsuccessful acquisition process, it seems that the web will now have the help of none other than the FBI.
This has been advanced by Troy Hunt, creator and main manager of this website, with the announcement of the new partnership with the United States federal agency, explaining that in fact it was this same that approached to ask if there was a way to provide «a way to enter compromised passwords in Have I Been Pwned and bring them to light through the function Pwned Passwords «.
I’m very happy to announce that @ haveibeenpwned’s Pwned Passwords is now open source under the @dotnetfdn. Now we’ve got some work to do: building an ingestion pipeline for new passwords provided by the @FBI on an ongoing basis. This is super cool 😎 https://t.co/iM17zemmwE
– Troy Hunt (@troyhunt) May 27, 2021
As Hunt explained, the FBI is involved in all kinds of investigations into digital crimes such as botnets, ransomware, online child sexual exploitation, and terrorism. The compromised passwords they find are often used by criminal networks, so quickly adding the passwords to the Have I Been Pwned database would be extremely helpful. That said, the website still doesn’t have a way for the feds to quickly enter passwords into its database.
This in turn implies that the FBI’s collaboration with Have I Been Pwned will be limited exclusively to the donation of this dataTherefore, the agency will not have access to the rest of the data currently incorporated in the web beyond the rest of the users around the globe. In fact, he hopes that “the scope of this facility may be expanded in the future,” allowing other law enforcement agencies to contribute their own findings.
Nevertheless, Hunt continues to urge ordinary users as well so that they are encouraged to help develop a data ingestion path, after the recent opening of the code of their tool, seeking to guarantee a more sustainable future and greater utility for the tool.