Passwords may be one of the most annoying aspects of our daily lives, but they have become extremely important as ever more of daily life moves online. That is why it isn't good when nearly 10 billion unique plaintext passwords leak onto a hacking forum.
A user with the handle "ObamaCare," who has a history of leaking data such as employee databases sourced from law firms, and data acquired from colleges and casinos, posted on a hacking forum, "Xmas came early this year". The leaker added, "I present to you a new rockyou2024 password list with over 9.9 billion passwords!" ObamaCare is referencing a leak called "RockYou2021" where 8.4 billion passwords were leaked online.
Security experts at Cybernews believe the leak could have extremely bad ramifications for users around the world, as the exposed users could see an increase in the number of online accounts being illegally accessed through brute-force hacking. If you are interested in protecting yourself against such breaches, you can check if your password has been compromised using the Leaked Password Checker tool.
"In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks," said the researchers.
"Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset," added the experts.
"Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts," the security researchers said.