Table of Contents
Are you reusing passwords across different sites? It might be time to rethink your strategy.
Cybernews researchers have discovered an enormous cache of nearly 10 billion passwords on a prominent hacking forum, dubbed the "largest password compilation" ever. The file, titled rockyou2024.txt, was shared on July 4 by a user named ObamaCare, who joined the forum in late May and has already posted data from other breaches.
The rockyou2024.txt file contains an astounding 9,948,575,739 unique plaintext passwords. According to Cybernews, this compilation is a blend of data from both old and recent breaches. While it doesn't represent a single new breach, the aggregation of these passwords into one searchable database significantly increases the risk of credential stuffing attacks.
Credential stuffing involves using passwords obtained from one breach to try to access unrelated services. For example, a password from an AT&T breach might be used to attempt to log into your bank account.
This isn't the first RockYou password compilation, but it is the largest. The 2021 RockYou2021 file contained 8.4 billion plaintext passwords. Cybernews believes the current file includes passwords collected over the past 20 years, encompassing those original 8.4 billion passwords. There's a strong possibility that at least one of your passwords is in this file.
To check if your passwords are compromised, use Cybernews’ Leaked Password Checker. If any of your passwords are found, change them immediately to strong, unique ones. Review your other accounts to ensure you're not reusing passwords across different services, and enable multi-factor authentication wherever possible. Using a password manager can help you stay organized and secure.
Additionally, for enhanced online security and privacy, consider using NordVPN. It encrypts your internet traffic, protecting your data from hackers and snoopers.
