What appears to be the largest password collection ever released has been posted on a prominent hacker forum. A forum member uploaded a 100GB TXT file containing 8.4 billion password entries, most likely compiled from earlier data dumps and hacks. All passwords in the leak are said to be 6-20 characters long, with non-ASCII characters and white space removed. The poster claimed the compilation comprised 82 billion passwords; however, the real figure was cited as nearly 10 times lower – 8,459,060,239 unique entries.
The forum user dubbed the compilation ‘RockYou2021’, presumably a reference to the infamous ‘RockYou’ data breach of 2009, in which 32 million user accounts were exposed. Threat actors hacked into the social app website’s servers and obtained users’ passwords, which were stored in plain text.
The 2021 version of RockYou contains so many passwords because it draws on a slew of previously stolen datasets, including the Compilation of Many Breaches (COMB), which exposed over 3.2 billion unique email and password combinations in cleartext. The only saving grace is that many of these passwords belong to dormant accounts or have since been changed. Users are strongly advised to check immediately whether their credentials were included in the leak. Also, read about the largest data breaches of 2020 for more information on leaks and breaches.
How to Check if Your Password Was Leaked
Users concerned that their passwords or other sensitive information may have been exposed should take a few steps to find out, so that they can act if necessary.
- Use a reliable data leak checker that lets you enter your email address to see whether your account has been compromised. Services such as Have I Been Pwned, Firefox Monitor and Avast Hack Check offer this.
- If you know or believe that one of your accounts was compromised in a data breach, reset your password right away.
- Consider utilizing a password manager to generate, store, and manage strong passwords for your online accounts.
- Enable multi-factor authentication on any accounts that support it.
- Be on the lookout for an upsurge in spam and phishing emails in which criminals attempt to defraud you using your stolen email address.
If you find that one or more of your passwords were included in the RockYou2021.txt collection and are potentially being sold on the dark web, we urge you to take these measures promptly to protect your data and limit the potential impact from threat actors. Read about the SolarWinds supply chain attack and the dark web on our blog to get an idea of how the dark web operates.
Potential Impact of the Leak
Threat actors can utilise the RockYou2021 collection to mount dictionary and password spraying attacks against a vast number of internet accounts by combining its 8.4 billion unique password variants with other breach collections that contain usernames and email addresses.
Because most individuals reuse their passwords across many apps and websites, the number of accounts potentially compromised by credential stuffing and password spraying attacks as a result of this leak may reach millions, if not billions.
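The password spraying pattern described here is also what a defender looks for in authentication logs: one source address failing against many different accounts within a short window, as opposed to a brute-force attempt that hammers a single account. The block below is an added example, not code from this article or from any product it mentions, that runs such a check over constructed log lines. The log format, the 10-minute window and the 5-account threshold are assumptions chosen for the example, not any vendor’s defaults.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, Iterable, List, Optional, Tuple

# Constructed log format for the example: one failed-authentication event per line.
LOG_RE = re.compile(r"^(?P<ts>\S+) auth-fail user=(?P<user>\S+) src=(?P<src>\S+)$")


def parse_line(line: str) -> Optional[Tuple[datetime, str, str]]:
    """Return (timestamp, username, source IP), or None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["user"], m["src"]


def detect_spraying(
    lines: Iterable[str],
    window: timedelta = timedelta(minutes=10),
    min_users: int = 5,
) -> Dict[str, int]:
    """Flag source IPs whose failed logins cover at least `min_users` distinct
    accounts inside any sliding `window`. Returns {src: max distinct users seen
    in one window}. Repeated failures against a single account from one source
    (brute force) is a different pattern and is deliberately not flagged here."""
    by_src: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    for parsed in map(parse_line, lines):
        if parsed:
            ts, user, src = parsed
            by_src[src].append((ts, user))

    alerts: Dict[str, int] = {}
    for src, events in by_src.items():
        events.sort()
        lo = 0
        for hi in range(len(events)):
            # advance the left edge until the window spans at most `window`
            while events[hi][0] - events[lo][0] > window:
                lo += 1
            distinct = len({user for _, user in events[lo:hi + 1]})
            if distinct >= min_users:
                alerts[src] = max(alerts.get(src, 0), distinct)
    return alerts


# Constructed sample log (TEST-NET addresses). 203.0.113.5 sprays six accounts in
# under two minutes; 198.51.100.7 brute-forces one account; 192.0.2.9 is slow noise.
SAMPLE_LOG = """
2021-06-10T12:00:01Z auth-fail user=alice src=203.0.113.5
2021-06-10T12:00:14Z auth-fail user=bob src=203.0.113.5
2021-06-10T12:00:29Z auth-fail user=carol src=203.0.113.5
2021-06-10T12:00:47Z auth-fail user=dave src=203.0.113.5
2021-06-10T12:01:03Z auth-fail user=erin src=203.0.113.5
2021-06-10T12:01:20Z auth-fail user=frank src=203.0.113.5
2021-06-10T12:02:00Z auth-fail user=bob src=198.51.100.7
2021-06-10T12:02:05Z auth-fail user=bob src=198.51.100.7
2021-06-10T12:02:10Z auth-fail user=bob src=198.51.100.7
2021-06-10T12:02:15Z auth-fail user=bob src=198.51.100.7
2021-06-10T12:02:20Z auth-fail user=bob src=198.51.100.7
2021-06-10T12:02:25Z auth-fail user=bob src=198.51.100.7
2021-06-10T09:00:00Z auth-fail user=alice src=192.0.2.9
2021-06-10T11:30:00Z auth-fail user=bob src=192.0.2.9
2021-06-10T13:45:00Z auth-fail user=carol src=192.0.2.9
this line is not an auth event and is skipped
""".strip().splitlines()


if __name__ == "__main__":
    for src, n in detect_spraying(SAMPLE_LOG).items():
        print(f"possible password spraying from {src}: {n} distinct accounts in one window")
```

The thresholds are the knobs a SOC tunes: a lower `min_users` or a longer `window` catches slower sprays at the cost of noise, and the second test below shows the slow source being flagged once the window is widened. The brute-force source is left to a separate per-account rule, since conflating the two hides which accounts actually need a forced reset.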
Organizations need to take precautionary measures to ensure such data breaches do not affect them. SureShield software such as BreachShield provides comprehensive dark web monitoring and risk response guidance:
- Network intelligence with multiple risk assessment techniques
- Compilation of threat actor communications to identify threats in one searchable database
- Dark web forum human-driven data analysis and advanced threat intelligence
- Key insights into real-time risks with breach intelligence and third-party exposure
- Protection for network assets against infected devices, malicious access, compromised credentials and similar threats
- Safeguards corporate credit cards
- Root cause analysis by integrating data from SureShield’s modules (SecurityShield, HackShield, and ComplyShield)
- Comprehensive risk response and remediation process