The FBI will soon begin to share compromised passwords with Have I Been Pwned’s password service. The passwords were discovered during law enforcement investigations. The FBI and other law enforcement agencies can use a ‘Password Ingestion’ API to feed compromised passwords into the service. Users can then download the compromised passwords as lists of SHA-1 or NTLM hashed passwords that can be used offline by Windows administrators to check if they are being used on their network. For example, the password ‘password’ has been seen 3,861,493 times in data breaches.
Source: https://www.bleepingcomputer.com/news/security/fbi-to-share-compromised-passwords-with-have-i-been-pwned/