Biggest Password Leak Ever: Nearly 10 Billion Secret Codes Revealed, We Take Stock

Biggest Password Leak Ever: Nearly 10 Billion Secret Codes Revealed, We Take Stock
Biggest Password Leak Ever: Nearly 10 Billion Secret Codes Revealed, We Take Stock

Since Thursday, July 4, a file called “RockYou2024.txt” containing nearly ten billion unique passwords has been downloaded, a record leak affecting users around the world.

“RockYou2024.txt” is the second record-breaking compilation of data released in 2024, according to the media outlet Cybernews. These are 9,948,575,739 passwords made accessible on a hacking forum, by a user named ObamaCare.

The user, registered since May 2024, had already leaked data. Information about employees of the law firm Simmons & Simmons as well as a lead from the online casino AskGamblers and applications for registration from students at Rowan College in Burlington County were concerned.

An expanded version of “Rockyou2021.txt”

“RockYou2024.txt” was fed with old passwords already hacked and new ones. Three years ago, a leak of this type called “RockYou2021.txt” was already made public. The largest at that time, which contained 8.4 billion passwords. It is this document to which 1.5 billion data were added between 2021 and 2024.

“The RockYou2024 leak is essentially a compilation of real passwords used by individuals around the world. Revealing so many passwords to threat actors significantly increases the risk of credential stuffing attacks.”declared our colleagues from Cybernews.

Multiple risks

“Threat actors could exploit the RockYou2024 password collection to conduct brute force attacks and gain unauthorized access to various online accounts used by individuals who use passwords included in the dataset.”the team explained.

This case is likely to impact systems not protected against brute force attacks. Online and offline services, internet-connected cameras, and industrial equipment may be affected.

According to the Swiss media, Blickthis data leak is not dangerous because the list does not contain identifiers, email addresses or personal data.

As a precaution, it is recommended to use strong and unique passwords and to enable multi-factor authentication (MFA).

-

-

PREV A new report on the quality of the charging service – AVEM
NEXT The Samsung A14 sees its price drop drastically at this highly regarded French retailer