The British and Australian governments have begun working with a popular breach aggregation site to monitor their domains.
The National Cyber Security Centre (NCSC) and Australian Cyber Security Centre (ACSC) will now avail themselves of centralized monitoring on Troy Hunt’s Have I Been Pwned? site.
The NCSC posted the announcement on Twitter this morning:
“We’re excited for the opportunity to work alongside Troy and we’re looking forward to trialing the use of his service in the coming weeks to help alert UK government departments if their users have potentially compromised credentials.”
Noted security researcher and Microsoft regional director Hunt collates breached credentials and allows legitimate users to query the site for free to see if their log-ins may have been compromised.
However, there’s also a commercial service which allows companies to get notifications whenever their credentials turn up in breached data loaded into the site’s back-end database.
The NCSC and ASCS will be able to query on-demand and make use of this commercial service, although they won’t be charged, according to Hunt.
“Every time an alias on one of their domains is seen in a new data breach or a paste, the incident is automatically posted to them. It means that within minutes of one of their email addresses being found and loaded into HIBP, they'll know about it. That's really important in terms of giving them the ability to respond quickly and by unifying all those existing one-off domain searches, the respective governments will be able to immediately see when an incident has a potentially broad impact,” he explained.
“This can be especially important when you consider data breaches such as Dropbox; many organizations of all kinds suddenly learned that a bunch of their people had cloud storage accounts under their corporate email addresses so you can imagine some of the discussions that subsequently ensued."