- The passwords of over 3,000 UK civil servants were found exposed on the dark web
- Many passwords were weak and risked public institutions and national interests
- The Ministry of Justice was most affected; the report calls for better cyber hygiene
Hundreds of civil servants working in national and regional organizations in the UK have had their business passwords exposed on the dark web, showing that public sector organizations are no better than their private counterparts when it comes to protecting important secrets.
This is according to password manager company NordPass and threat exposure management platform NordStellar. The two organizations recently cross-referenced more than 5,500 organizations in six countries (US, UK, Canada, France, Italy and Germany) based on their email domains – the study found a total of 3,014 passwords exposed on the dark web.
They included national and federal parliaments, governments, presidential administrations, as well as local and regional governments, municipalities and other public institutions.
Reusing weak passwords
“Exposure of sensitive data, including passwords, by government officials is particularly dangerous. Compromised passwords can affect not only organizations and their employees, but also a large number of citizens. Moreover, such incidents can also pose a serious risk to a country’s strategic interests,” says Karolis Arbačiauskas, product manager at NordPass, to the findings.
In the report, the two organizations said that many passwords were recurring, either because one person used the same password across multiple emails/accounts, or because multiple people used the same password for their accounts.
If this sounds strange, the report also emphasized that many of the exposed passwords were weak and easy to guess. Therefore, it is possible that several people had passwords such as “12345678” or “password”.
With 36 unique visible passwords, the Ministry of Justice was the most affected public institution, followed by the Ministry of Defense (32), Aberdeen City Council (23) and the Department for Work and Pensions (20).
Proper password hygiene is a crucial step in cyber security, claims the NordPass/NordStellar report. That includes creating strong passwords, making sure each service has a unique one, and that those passwords are rotated/changed frequently.
If you think your password might be on the weak side, we’ve created a guide to making a strong secure password to help.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
