RockYou2024: World's largest database of stolen passwords posted, exposing nearly 10 billion credentials


  • TECH
  • Tuesday, 09 Jul 2024

The password database was uploaded in a plain text file named rockyou2024.txt and is referred to as RockYou2024. — 123rf

A user on a notorious hacking forum known for trading data among cybercriminals has allegedly uploaded the largest compilation of stolen or leaked passwords in history, containing a staggering 9,948,575,739 unique credentials.

First reported by online cybersecurity publication Cybernews, the database originally surfaced on July 4 and was posted by a user under the handle "ObamaCare".

The password database was uploaded in a plain text file named rockyou2024.txt and is referred to as RockYou2024.

Following an investigation by Cybernews researchers, the database was found to consist of a mix of data from old breaches and more recent incidents.

They claim that RockYou2024 builds on a prior leak from 2021, known as RockYou2021, which was the largest leaked database of passwords at the time with 8.4 billion credentials. The latest database adds 1.5 billion additional passwords to the total.

Cybernews believes that RockYou2021 was an extension of an even older password database from 2009.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” Cybernews researchers say.

Credential stuffing is a brute force cyberattack method where cybercriminals use databases of passwords to guess login details, since passwords may remain unchanged and be shared across multiple accounts.

Best security practices include not using the same passwords on multiple platforms and enabling multi-factor authentication to protect online accounts. Additionally, keep your software up-to-date and be cautious of phishing attempts.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Exclusive-Conservative think tank targeting NASA employees' communications about Musk, Trump
Factbox-AI startups ride on investor frenzy to raise billions in 2024
Google tests verified check marks in search results
Brazil's top court says X paid pending fines to wrong bank
Facebook seeks to attract young adults with new community, video features
Tencent, Guillemot family mulling buyout of 'Assassin's Creed' maker Ubisoft, Bloomberg News reports
Ubisoft shares set for biggest one-day jump on record after takeover report
Coinbase to delist some stablecoins in Europe ahead of new regulations
Experian buys Brazilian cyber security firm ClearSale in $350 million deal
Meta, challenging OpenAI, announces new AI model that can generate video with sound

Others Also Read