RockYou2024 – Password Leak
On July 4th last year, the largest password leak in history, “RockYou2024,” occurred, which we are reporting on. almost 10 billion passwordsamong which may be yours. And of course, this is a serious problem for this person. who reuses the same password
for different services. Because it increases the possibilities of access to your information or contracted services associated with the specified password.
The leak, dubbed “ObamaCare” by its original author RockYou2024, was posted on a well-known hacking forum. To be precise, there is 9,948,575,739 unique passwords in plain text. That’s nearly 10 billion leaked passwords that will trigger large-scale attacks.
RockYou2024 collects most of the already leaked passwords.
By “luck” RockYou2024 collects most of the old passwords along with new ones. For example, we know that it is based on another big leak:
RockYou2021. As the name suggests, the first list was leaked in 2021 with some 8.4 Billion Passwords Leaked. So we’re talking about about 1.5 billion additional passwords added in three years. Interestingly, many of these latter passwords were cracked thanks to the capabilities of GeForce RTX 4090 for Password Cracking.
This curious user was registered on a hacker forum at the end of May this year. Now, as soon as he did, he leaked the database of employees of the law firm Simmons & Simmons. Also from the online casino AskGamblers and information about students of a university in New Jersey, USA.
The Cybernews investigation team has found that the RockYou2024 password leak was caused by a mix of old and new data leaks.
“The RockYou2024 breach is essentially a collection of real passwords used by people around the world. Exposing so many passwords to attackers significantly increases the risk of credential stuffing attacks,” the researchers said.
“Attackers could use the RockYou2024 password harvest to conduct brute-force attacks and gain unauthorized access to multiple online accounts used by people using passwords included in the dataset. RockYou2024 could facilitate a cascade of data breaches, financial fraud, and identity theft.
Remember that you can protect your account even if your password is compromised.
RockYou2024 is not only a reminder to update your password, but also a reminder to do not use the same password on different services or websites. However, If you don’t want to have 30 passwords different, there are always options add a second level of security.
Depending on the service, you may be able to apply additional security measures. The most well-known of these are get code by sms authentication. We continue with authentication applications which will give you a temporary code, such as Google Authenticator, Authy or Microsoft Authenticator. There are also more advanced methods, such as your own physical security key.
So, in times like these, at the very least, always try to have one of these second levels of security. This means that even if they have your password It will be impossible for them to access the account.
or service if they do not have access to this authentication code. Whether via email, SMS or via an app.