Have I Been Pwned is a website that tracks which services have lost user data, with millions of passwords in the database that continually grows as additional breaches occur. So it comes as no surprise that the latest addition is a massive collection of 635 million passwords—nor that the source is the FBI. This batch of over half a billion credentials is just the most current intersection of the U.S. law enforcement agency and the Australian data breach search site. Over the last four years, the FBI has sent passwords discovered during investigations. As described by HIBP site owner and security expert Troy Hunt in a recent blog post , this latest set comes from a single suspect, who scraped together this data from the web, Tor-based marketplaces, Telegram, and infostealer malware . But in the short post, most striking is the contrast in the numbers, rather than the sheer scope of the infodump. Hunt mentions that when the HIBP-FBI partnership began almost half a decade ago, Have I Been Pwned averaged 1.6 billion searches per month. Now, the site averages 17.45 billion requests per month. Meanwhile, in the batch of passwords just added, 7.4 percent were new additions to the database—which doesn’t sound like much until you do the math. With 46 million never-before-known passwords, that’s a sizable number of affected accounts for users to fortify against attack. In other words, cyberattacks (and the efforts to defend against them) have grown considerably, with rapidly increasing theft of information—and equally high recirculation of known details. The remaining 484.584 million passwords of this FBI set gained another notation for prevalence, as Hunt describes. If you haven’t already registered your email address(es) with Have I Been Pwned , I highly recommend doing so. Getting the alert that your data’s been compromised (or continuing to float among dark web denizens) can help you stay on top of updating passwords. And the service is completely free to use for consumers—the only ones who must pay are businesses and governments who need deeper access to the data.