The largest Polish bank will check customer passwords. It’s about safety

PKO BP informed about the changes introduced in a message posted on Facebook.

Thanks to the new function, when changing/creating a password in the iPKO website, you will find out whether it is included in the database of compromised passwords that cannot be used. This will help increase your safety.

– we read.

To check whether our password has not been leaked online, log in to electronic banking, enter the application settings, go to the access and security section -> passwords and access to the bank -> Change the password for the iPKO website. If the password is in the database, we will see an appropriate message warning us about the leak.

A few days ago on its website PKO BP

Don’t do this:

• DO NOT SHARE your data with others: login, password, PESEL, card or BLIK data
• DO NOT AGREE to pay for purchases outside the advertising website (e.g. OLX, Vinted, Allegro)
• DO NOT CLICK on suspicious links, e.g. shortened links: in e-mails, text messages or instant messengers (e.g. WhatsApp, Messenger), even if they come from a friend – it may be dangerous!
• DO NOT LOG IN to your bank over public WiFi
• DO NOT CONNECT external drives (e.g. pen drives) if you are not sure that they are safe.

This is good:

• SOMEONE pretends to be a bank employee on the phone? CHECK HIM – ask for a push with his data in the IKO application
• READ your payment authorization notices carefully
• USE complex and different passwords on your accounts
• CHECK the website address and website security certificate before logging in to your bank or paying online
• UPDATE your systems, applications and browsers regularly. Only use official app stores and software providers.”

The hackers struck with redoubled force. Leak follows leak

In recent years, unfortunately, we have been dealing with an increasing number of leaks containing information such as credit card numbers, addresses and PESEL numbers. At the end of January 2024, we reported the discovery of a gigantic database containing as many as 26 billion records that had been found online.

, they unanimously claim that this may be the largest leak of this type in history. And there is little consolation in the fact that – as experts explain – the discovered collection contains mainly information from previous violations.

Earlier, in May last year, there was another large leak, which this time mainly affected users from Poland. Then, on one of the forums, a file containing millions of records with logins and passwords appeared on the Tor network, including: to Facebook, Allegro, gov.pl, Onet Poczta and mBank and ING banks.

In response, the Polish Ministry of Digitization launched the websitebezpieczdane.gov.pl, where we can check whether our logins and passwords were leaked. All you need to do is log in there via the Trusted Profile and then enter the login or e-mail address you used to log in to the websites of one of the companies from which confidential information was stolen.

We can also check whether we have been a victim of one of the global data leaks in the past. This is where haveibeenpwned.com comes in handy, created by Troy Hunt, a well-known security expert and former Microsoft employee.

Just enter our e-mail address in the search engine and haveIBeenPwned will generate a list of websites from which our data may have been leaked. What’s more, this week a search function by phone number was also made available (in the format +48 XXX XXX XXX).