Change your password now as a hacker leaked nearly 10 billion passwords!

[ad_1]

Experts warn that a mass collection of stolen passwords could trigger a wave of data breaches, financial fraud and identity theft

This representative image shows a hacker using a computer. — Unsplash
This representative image shows a hacker using a computer. — Unsplash

Security researchers have issued a warning about one of the largest databases of leaked passwords to emerge online, Forbes reported.

The database, which is a text file named “RockYou2024,” contains a staggering 9,948,575,739 unique passwords stored in plain text and was published on a popular hacker forum late last week.

According to CyberNews Experts say the massive amount of stolen passwords could trigger a wave of data breaches, financial fraud and identity theft. GB News reported.

It appears the database is a mix of old and new data breaches.

“In essence, the RockYou2024 leak is a compilation of real passwords used by individuals around the world. Revealing that many passwords are used by malicious actors significantly increases the risk of credential stuffing attacks,” the researchers said.

Credential stuffing is a common method used by hackers to use login information stolen from one website to gain unauthorized access to another.

Reusing the same login information across multiple platforms can leave individuals vulnerable to this type of cyberattack.

The team of CyberNewswarned: “Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset.”

RockYou2024.txt builds on an earlier leak, RockYou2021.txt, a text file shared by hackers online three years ago.

How to protect yourself against credential stuffing?

For those looking to protect themselves against credential stuffing or other types of attacks following a breach, the CyberNews team advises:

  • Immediately reset passwords for all accounts that rely on a password included in the database.
  • Create a unique alphanumeric password for each online account.
  • Enable multi-factor authentication, such as a one-time code sent to your phone number, to protect accounts.
  • Use a password manager to store and manage complex passwords.
  • Use tools to check if your data has been breached.

If your password is eight characters or less, it could be cracked in just 17 seconds, researchers found.

This flaw highlights the importance of special characters, as most of the leaked passwords consisted of only lowercase or uppercase English letters with a few numbers.

Leave a Comment