You may want to change all your passwords after this record setting leak was announced

This summer, we expected to see a lot of new records being set, since this is an Olympic year with the Summer Games kicking off in France on July 26th. But a new record has just been set, and unfortunately, it’s not good news. Nearly 10 billion unique plainword passwords have been leaked in a file titled rockyou2024.txt found on a popular hacking forum. The passwords were posted by a forum member with the username ObamaCare.

One report calls it the “largest password compilation,” making it a dubious record. The account has previously posted passwords from other data breaches, including an employee database for law firm Simmons & Simmons, leads from online casino AskGamblers and student logins for Rowan College in Burlington County. The latest, record-breaking file was compared to data from Cybernews’ Leaked Password Checker, which revealed that these passwords came from a combination of old and new breaches.

This data breach is serious and the exact number of passwords in the file is 9,948,575,739. If you are the type of person who reuses passwords across multiple apps and websites to make them easier to remember, there is a chance that the password to your sensitive accounts is in the file. The file was posted on the hacking forum on July 4th and with the large number of stolen passwords, there is a chance that fireworks will come from this data breach.

Cybernews researchers said: “Essentially, the RockYou2024 breach is a compilation of real passwords used by people around the world. Exposing many passwords to threat actors significantly increases the risk of credential stuffing attacks.” Recent attacks targeted Santander, Ticketmaster, Advance Auto Parts, and QuoteWizard and were the result of credential stuffing attacks on the victim’s cloud service provider, Snowflake. Such an attack uses credentials stolen from a previous data breach on one service to log into an unrelated service.

Cybernews researchers added: “Threat actors could abuse the RockYou2024 password compilation to perform brute-force attacks and gain unauthorized access to various online accounts used by individuals using passwords included in the dataset.” And that’s exactly what you should be worried about. You might want to think of a new password for your key financial and personal apps and websites by adding upper and lower case letters, numbers, and special characters.

Leave a Comment