Jump to content
  • Largest password data breach in history has been leaked online

    aum

    • 545 views
    • 2 minutes
     Share


    • 545 views
    • 2 minutes

    Largest password data breach in history has been leaked online

     

    Back in 2009, threat actors hacked into the website servers of social app RockYou, accessing over 32 million user passwords stored in plaintext. Now, in what appears to be the largest data breach in history, attackers have compromised 262 times as many passwords. With 3.2 billion leaked passwords from multiple databases, this attack has been dubbed RockYou2021.

     

    As only 4.7 billion users utilize the Internet, that means RockYou2021 could actually involve the passwords of nearly twice the global population. Therefore, users should immediately check to see whether their passwords were affected by this leak. Users can check for password compromise using the website Have I Been Pwned or the CyberNews personal data leak checker.

     

    Threat actors can take advantage of the RockYou2021 password collection by combining 8.4 billion unique password variations with existing breach compilations of email addresses and usernames. The hackers could then use these credentials for dictionary and password spraying attacks against an unknowable number of online accounts.

     

    So far, research suggests that all of the passwords involved in this leak have non-ASCII characters between 6-20 characters each, with white spaces removed.

     

    If you believe that one or more of your passwords may have been compromised in the RockYou2021 breach, you can take mitigation steps by immediately changing your passwords for all of your online accounts. In fact, using a password manager can help you create strong, complex passwords that don't have to be easy to remember. Furthermore, you can enable two-factor authentication (2FA) on all of your accounts.

     

    Finally, as always, make sure to always closely examine all unsolicited spam emails, calls and text messages for potential phishing activity. Most importantly, never click on links or download any executables in messages that you weren't expecting or from senders you don't recognize.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...