This summer, we expected to see a lot of new records being set, since this is an Olympic year with the Summer Games kicking off in France on July 26th. But a new record has just been set, and unfortunately, it’s not good news. Nearly 10 billion unique plaintext passwords have been leaked in a file titled rockyou2024.txt found on a popular hacking forum. The passwords were posted by a forum member with the username ObamaCare.
This data breach is serious and the exact number of passwords in the file is 9,948,575,739. If you are the type of person who reuses passwords across multiple apps and websites to make them easier to remember, there is a chance that the password to your sensitive accounts is in the file. The file was posted on the hacking forum on July 4th and with the large number of stolen passwords, there is a chance that fireworks will come from this data breach.
On a hacker forum, an attacker announces that he has posted a file containing nearly 10 billion passwords | Image credit: Cybernews
Cybernews researchers said: “Essentially, the RockYou2024 breach is a compilation of real passwords used by people around the world. Exposing many passwords to threat actors significantly increases the risk of credential stuffing attacks.” Recent attacks targeted Santander, Ticketmaster, Advance Auto Parts, and QuoteWizard and were the result of credential stuffing attacks on the victims’ cloud service provider, Snowflake. Such an attack uses credentials stolen in a previous data breach at one service to log into an unrelated service.
Cybernews researchers added: “Threat actors could abuse the RockYou2024 password compilation to perform brute-force attacks and gain unauthorized access to various online accounts used by individuals using passwords included in the dataset.” And that’s exactly what you should be worried about. Consider setting a new password for your key financial and personal apps and websites, one that includes upper and lower case letters, numbers, and special characters.