- More than 3,000 passwords of British officials discovered on the dark web
- Many passwords were weak, putting public institutions and national interests at risk
- The Justice Department was hardest hit; report calls for better cyber hygiene
Hundreds of civil servants working in national and regional organizations in the UK have had their work passwords exposed on the dark web, demonstrating that public organizations are no better than their private counterparts when it comes to safeguarding important secrets.
This is according to password management company NordPass and threat exposure management platform NordStellar. The two organizations recently cross-referenced over 5,500 organizations across six countries (US, UK, Canada, France, Italy and Germany), based on their email domains. The study revealed a total of 3,014 passwords exposed on the dark web.
They included national and federal parliaments, governments, presidential administrations, as well as local and regional governments, municipalities and other public institutions.
Reuse weak passwords
“The exposure of sensitive data, including passwords, of civil servants is particularly dangerous. Compromised passwords can affect not only organizations and their employees, but also a large number of citizens. Moreover, such incidents can also pose serious risks to a country’s strategic interests,” Karolis Arbačiauskas, product manager at NordPass, commented on the findings.
In the report, both organizations said many passwords were recurring, either because one person used the same password on multiple emails/accounts or because multiple people used the same password for their accounts.
If that seems odd, the report also points out that most of the exposed passwords were weak and easy to guess. Therefore, it is possible that multiple people have passwords such as “12345678” or “password”.
With 36 unique passwords exposed, the Department of Justice was the most affected public institution, followed by the Department of Defense (32), Aberdeen City Council (23) and the Department for Work and Pensions (20).
Good password hygiene is a crucial step in cybersecurity, says the NordPass/NordStellar report. This includes creating strong passwords, ensuring that each department has a unique one, and that these passwords are changed/modified frequently.
If you think your password may be weaker, we’ve created a guide on creating a strong password to help you.
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
