Back in 2009, threat actors hacked into the web servers of the social app RockYou and gained access to over 32 million user passwords stored in plain text. Now, in what appears to be the biggest data breach in history, attackers have compromised 262 times as many passwords. With 3.2 billion leaked passwords from multiple databases, this attack has been called RockYou2021
With only 4.7 billion users using the Internet, this means that RockYou2021 can actually involve passwords from almost twice the global population. Therefore, users should immediately check if their passwords were affected by this leak. Users can check password compromises using the Have I Been Pwned website or CyberNews personal data leakage check.
Threat actors can take advantage of the RockYou2021 password collection by combining 8.4 billion unique password variations with existing fracture compilations of email addresses and usernames. The hackers could then use this credentials for dictionary attacks and password spraying against an unknown number of online accounts.
So far, research suggests that all passwords involved in this leak have non-ASCII characters between 6-20 characters each, with white spaces removed.
If you believe one or more of your passwords may have been compromised in the RockYou2021 violation, you can take mitigation steps by immediately changing your passwords for all of your online accounts. In fact, using a password manager can help you create strong, complex passwords that do not have to be easy to remember. In addition, you can enable 2-factor authentication (2FA) on all your accounts.
Finally, as always, be sure to always carefully examine all unsolicited spam emails, calls, and text messages for potential phishing activity. Most importantly, never click on links or download executable files in messages you did not expect, or from senders you do not recognize.
Complex passwords are not always the best
Mikalauskas, E. “RockYou2021: Largest password compilation ever leaked online with 8.4 billion records.” CyberNews, CyberNews, June 7, 2021, cybernews.com/security/rockyou… -compilation-leaked /
© 2021 Science X Network
Citation: The biggest password breach in history has been leaked online (2021, June 9) Retrieved June 10, 2021 from https://techxplore.com/news/2021-06-largest-password-breach-history-leaked.html
This document is subject to copyright. Except for any fair trade for the purpose of private investigation or research, no parts may be reproduced without written permission. The content is provided for informational purposes only.