In a significant security breach, nearly 10 billion unique passwords have been leaked on a widely recognized cyber forum. This unprecedented release of passwords, dubbed “rockyou2024.txt,” has been sourced from decades of data breaches and poses a substantial risk for future cyberattacks.
The RockYou2024 database, which contains almost 10 billion unique passwords, surpasses the previous record holder RockYou2021 by adding 1.5 billion new passwords. This colossal compilation of passwords was collected from thousands of data leaks, making it the largest of its kind.
In response to this extensive data compromise, Kaspersky’s experts have issued practical guidance to help users protect themselves:
- Check the breach impact: Users are advised to check if their data has been affected. Modern security solutions can detect leaked data and provide alerts. Public sources can also help identify whether personal data has been compromised.
- Change your passwords immediately: It is crucial to change passwords as soon as possible and update all other sites using the same password. New passwords should be unique for each account, at least 8 characters long, and combine letters, numbers, and symbols. A password checker can be used to ensure the strength of the new password.
- Block and reissue your bank card, if necessary: If payment data was stored by a compromised service, blocking and reissuing a card is recommended. Reissuing a bank card is typically quick and prevents greater inconvenience.
- Install a reliable password manager: Password managers create strong passwords and store them securely in an encrypted vault. They also monitor data leaks and check if passwords have been compromised.
- Enable two-factor authentication (2FA): To protect accounts from unauthorized access, setting up 2FA is highly recommended. This can be done via SMS, email, or using an authentication app or password manager that generates one-time codes.
- Close unused accounts securely: If there are no plans to continue using a service after a data leak, deleting the account and requesting the complete removal of all collected data is advisable. Contacting technical support or following the Privacy Policy instructions can reveal the extent of data exposure.
- Share only essential personal information online: To minimize risks, it is recommended to provide minimal information to services. Avoid using a main email address, and omit real names and residence addresses if not required.
The RockYou2024 breach highlights the importance of robust cybersecurity practices. Users are urged to follow these guidelines to protect their personal information and prevent potential cyber threats.
