Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Billions of passwords leaked online from past data breaches
PostedinPrivacy and Security Posted on June 9, 2021

Billions of passwords leaked online from past data breaches

Posted By Shannon.Smith

Dubbed RockYou2021, the list as revealed on a hacker forum contains 8.4 billion password entries, says CyberNews.

A list of leaked passwords discovered on a hacker forum may be one of the largest such collections of all time. A 100GB text file leaked by a user on a popular hacker forum contains 8.4 billion passwords, likely gathered from past data breaches, tech news site CyberNews said on Monday.

Based on comments from the user, the passwords in the collection range from 6 to 20 characters with non-ASCII characters and white spaces removed. The user actually claimed that the list has 82 billion passwords.

But CyberNews refuted that claim, saying that its own test found around 10 times fewer entries, putting the figure closer to 8.4 billion. That’s still a substantial number, especially considering that there are 4.7 billion active internet users around the world.

The forum user named the collection RockYou2021, which CyberNews said it believes is a reference to the 2009 RockYou data breach in which social game developer RockYou was hit by an attack that exploited a SQL injection flaw. In this incident, the 32 million leaked passwords had been stored in an unencrypted format, making it easy for hackers to obtain them through brute force.

The 2021 version of RockYou contains so many passwords because it tapped into a host of leaked databases from the past, including the Compilation of Many Breaches (COMB), which revealed more than 3.2 billion unique pairs of emails and passwords in clear text. The only bright spot is that many of these passwords may be from inactive accounts or have since been changed.

“Any password leaks of large volumes are always alarming to hear and should be taken seriously,” said Blue Hexagon CTO and co-founder Saumitra Das. “Our own investigation of this report has shown that quite a large number of accounts passwords are recycled from previous breaches and not necessarily active.”

For now, users concerned about leaked passwords and other sensitive information are urged to take a few actions, as advised by CyberNews.

  • Use a reputable data leak checker where you can enter your email address to find out if your account may have been caught in a breach. Sites worth trying include Have I Been Pwned, Firefox Monitor, and Avast Hack Check.
  • If you know or even suspect that one of your accounts was caught in a data breach, change your password immediately.
  • Consider using a password manager to create, store and apply strong and secure passwords for your online accounts.
  • Enable multifactor authentication on any accounts where this method is offered.
  • Look out for an increase in spam and phishing emails through which attackers try to use your leaked email address to scam you.

And though passwords continue to seem like a necessary evil, other more secure authentication methods are available, especially for organizations.

“Companies and users need to treat these developments as a wake-up call to end their overblown reliance on passwords,” said Veridium’s chief revenue officer, Rajiv Pimplaskar. “Passwordless authentication methods such as phone as a token and/or FIDO2 security keys are now commonly available. Such solutions create an un-phishable connection between the user and the IT system and eliminate the need for a password, thereby reducing the attack surface and making the environment more resilient against cyberattacks.”

Sourcelink

Share on Facebook Share on Twitter
Previous Article
Why Incognito Mode and Private Browsing are Not Private
Next Article
Android 12 cheat sheet: Everything you need to know

About Author

Shannon.Smith

Related Posts

  • Generative AI brings new risks to everyone. Here’s how you can stay safe

    May 12, 2023
  • Enhancing Email Security: Gmail Introduces Blue Verification Checks

    May 10, 2023
  • Cybercriminals Shift from Dark Web to Deep Web

    April 14, 2023
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • Generative AI will soon be shaking up YouTube, too March 2, 2023 Emerging Technology & News
  • Researchers discover a major flaw in PDF encryption standard October 10, 2019 Privacy and Security
  • How to make Google Docs 😊: The easy way to add emoji without copy and paste August 17, 2020 Computer Help
  • Facebook renames itself Meta amid controversy October 28, 2021 Business
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok