Home > News > 995 crore passwords...

995 crore passwords leaked in ‘world’s largest’ data breach: Report

The file with the data, titled rockyou2024.txt, was posted on July 4
By :  The Federal
Update: 2024-07-08 11:24 GMT
Representational image: iStock

Nearly 995 crore passwords, in plain text format, have been leaked online by a hacker, who goes by the name ‘ObamaCare’, according to a media report.

A report on Cybernews said that researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext passwords. The file with the data, titled rockyou2024.txt, was posted on July 4.

While the user registered in late May 2024, they have previously shared an employee database from the law firm Simmons & Simmons, a lead from an online casino AskGamblers, and student applications for Rowan College at Burlington County, it added.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” researchers at Cybernews said.

“Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset,” they explained.

As per a report on Forbes, quoting security researchers, this the “world’s largest collection of stolen passwords” that have been uploaded to an infamous crime marketplace where cybercriminals trade such credentials”.

These unique passwords have been collected from numerous data breaches and hacks across many years, the report added.

In a statement to Forbes, Cybernews’s spokesperson said that the hacker provided “proof” of around 30 GB of combo lists from which the data was extracted.

The spokesperson said, “Our researchers have been in contact with the threat actor who published the file with the data and provided proof of around 30 GB of combo lists from which data was extracted. However, our research team did not investigate all of the datasets thoroughly.

“Nonetheless, researchers were able to map the values between the provided combo lists and a part of the RockYou dataset with a 100% match. Our aim is to inform the public about potential risks, not to pass the dataset to threat actors for use. Thus, we cannot confirm or deny your mentioned claims from other hackers/researchers.”

Tags:    

Similar News

'Digital arrest' | Police won't arrest you on video calls: I4C advisory
IAF air show in Chennai: Spectacular aerial display steals hearts
NIA arrests alleged terror operative during pan-India searches
Video of boat accident that killed 78 is from Congo not Goa: Police
SC dismisses pleas seeking review of verdict scrapping electoral bonds
Andhra vs Telangana: Flood relief raises stink of Centre’s ‘partiality’
Jaishankar: No India-Pakistan bilateral talks during SCO meet
'Venugopal working to defame govt': Dubey tells LS Speaker, after PAC summons to Buch
Hindenburg-Adani row: Parliamentary panel summons SEBI chief Madhabi Buch
Pune court summons Rahul Gandhi in Savarkar defamation case
Amit Shah says govt plans to add 75,000 medical seats across India in next 10 yrs
Journalists shouldn’t be booked for reports perceived as govt criticism: SC