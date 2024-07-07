Countries
Close
English English Portuguese Português (PT/BR) 한국어 Korean 한국어 Japanese 日本語 chinese 中文 vitenam Tiếng Việt
Home Security Researchers Find the Biggest Stolen Password Database With 10 Billion Passwords
News

Security Researchers Find the Biggest Stolen Password Database With 10 Billion Passwords

Krishi Chowdhary Journalist Author expertise
Updated:
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.
  • Security researchers discovered a file called ‘rockyou2024.txt’ that contained 9,948,575,739 stolen passwords on a criminal marketplace.
  • The file was uploaded by a hacker named ObamaCare on July 4. The contents of the file were stolen through multiple data breaches over a period of at least two decades.
  • Users are recommended to be cautious during the coming days. Update your old passwords, turn on multi-factor authentication and make sure all your accounts have a different unique password.

Database With 10 Billion Stolen Passwords Found

Researchers have discovered a file that contains 9,948,575,739 (almost 10 billion) unique plaintext passwords that were stolen over the years (at least two decades) through multiple security breaches. It is believed to be the biggest password cache ever uncovered.

On July 4, a file named ‘rockyou2024.txt’ was uploaded to an online criminal marketplace by a hacker who goes by the name ObamaCare. That’s where it was first discovered by the cybersecurity researchers.

It was found that the file consists of an earlier database named RockYou 2021 which comprised about 8.4 million stolen passwords. This would mean that an additional 1.5 million passwords were added to it between the period of 2021 and 2024.

What Could Be the Consequences?

Needless to say, a file containing these many passwords is the dream of any hacker and hence a nightmare for all the users whose credentials had been compromised.

It can be used in brute-force attacks where the hackers will gain unauthorized access to various online accounts of the affected users. Data breaches, financial frauds, and identity thefts will become all too common.

A brute-force attack is a type of hacking method in which hackers keep stuffing passwords on a trial-and-error basis until they finally find the right match.

It’s not just the online accounts, offline services are equally at risk, including internet-facing cameras and industrial hardware.

What Can the Users Do Now?

The only thing you can do if you believe your password has been stolen is protect all your accounts.

  • We recommend changing old passwords to something new and strong. Make sure it’s not similar to your old password.
  • Ensure you use a combination of numbers, letters, and symbols in your passwords. Longer passwords with a good mix of these elements can take years to crack. For instance, a 12-character password with just lowercase and uppercase characters can take 300 years to get into.
  • Also, make sure you are using unique passwords for every single account. This way even if one of your accounts is compromised, the others will remain safe.

You can also use password checkers to gauge the strength of your current password or simply use one of the best password managers around, which will suggest strong unbreakable passwords and also remember them for you. These managers also encrypt your passwords, making it difficult for hackers to read them even if servers are breached.

It’s also a good time to use multi-factor authentication. Add extra layers of protection to your accounts so that one single compromised password can’t give it away.

Security experts even advocate making two-factor authentication mandatory through a regulation across platforms.

Another alternative is going passwordless. If supported, you can turn on biometric login (Face ID or fingerprint) for your devices, which will do away with the need for traditional passwords.

All-in-all, it is high time you become more cautious of your password habits and secure your online accounts.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.
Add Tech Report to your Google News feed

Question & Answers (0)

Have a question? Our panel of experts will answer your queries. Post your Question

Leave a Reply

Write a Review

Your email address will not be published. Required fields are marked *

Krishi Chowdhary Journalist

Krishi Chowdhary Journalist

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.

Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.

Alongside his writing and blogging work, Krishi's other hobbies include studying the financial markets and cricket.

Most Popular News

1 OpenAI Was Hit by a Cyber Attack in 2023: Here’s What Happened
2 Security Researchers Find the Biggest Stolen Password Database With 10 Billion Passwords
3 Bitcoin Plunges to $54,000 as Mt. Gox Moves $2.6 Billion Worth of BTC
4 Coinbase Fights to Access Documents Related to Gensler’s Private Communication
5 German MP Persuades Government to Quit Impromptu Bitcoin Sell-Offs

Latest News

OpenAI Was Hit by a Cyber Attack in 2023: Here’s What Happened
News

OpenAI Was Hit by a Cyber Attack in 2023: Here’s What Happened

Krishi Chowdhary
Bitcoin Plunges to $54,000 as Mt. Gox Moves $2.6 Billion Worth of BTC
Crypto News

Bitcoin Plunges to $54,000 as Mt. Gox Moves $2.6 Billion Worth of BTC

Rida Fatima

Bitcoin’s price slumped for the fourth consecutive trading day after Mt. Gox moved a sizable amount of BTC to a new wallet, possibly readying for the proposed repayment.  According to...

Crypto News

Coinbase Fights to Access Documents Related to Gensler’s Private Communication

Rida Fatima

US-based cryptocurrency exchange Coinbase has challenged the SEC’s refusal to grant access to its chairman, Gary Gensler, ‘s private emails.  In a letter addressed to District Court Judge Katherine Polk...

German MP Persuades Government to Quit Impromptu BTC Sell-Offs
Crypto News

German MP Persuades Government to Quit Impromptu Bitcoin Sell-Offs

Rida Fatima
Bitcoin Falls to Lowest Point Since February, Liquidating Nearly $600 Million
Crypto News

Bitcoin Falls to Lowest Point Since February, Liquidating Nearly $600 Million

Rida Fatima
Crypto Market Outlook: Recent Happenings and Activities in the Digital Asset Space
Crypto News

Crypto Market Outlook: Recent Happenings and Activities in the Digital Asset Space

Rida Fatima
eTukTuk Drives The Green Revolution
Crypto News

Building a Sustainable Future – eTukTuk Drives The EV Revolution

Leah Alger

REGULATION & HIGH RISK INVESTMENT WARNING: Trading Forex, CFDs and Cryptocurrencies is highly speculative, carries a level of risk and may not be suitable for all investors. You may lose some or all of your invested capital, therefore you should not speculate with capital that you cannot afford to lose. The content on this site should not be considered investment advice. Investing is speculative. When investing your capital is at risk. Please note that we do receive advertising fees for directing users to open an account with the brokers/advertisers and/or for driving traffic to the advertiser website.

Crypto promotions on this site do not comply with the UK Financial Promotions Regime and is not intended for UK consumers.

© Copyright 2024 The Tech Report Inc. All Rights Reserved.