Researchers at CyberNews called it “the largest password compilation,” as nearly 10 billion unique plaintext passwords have been exposed.

Getty Images

Lauren Taylor Anchor/Reporter

Tech

Two major cyber security breaches impact billions of people worldwide

Jul 12, 2024

Lauren Taylor Anchor/Reporter

By Lauren Taylor (Anchor/Reporter), Jake Maslo (Video Editor)

Researchers at CyberNews are calling it “the largest password compilation,” as nearly 10 billion unique plaintext passwords have been exposed. The data was uploaded to a file titled “RockYou2024,” and these passwords are used by people worldwide.

Bias Distribution Powered by Ground News™

The CyberNews team warned that this massive leak increases the risk of credential stuffing attacks, which can be detrimental to both users and businesses. Cybercriminals can exploit the leaked information to gain unauthorized access to unrelated services.

Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.

Point phone camera here

Researchers emphasize that attackers can use the leaked passwords and target any system lacking protection against brute-force attacks. This situation could lead to a cascade of data breaches, financial fraud and identity theft, CyberNews said.

To safeguard your accounts, cyber security experts recommend:

Resetting all passwords: Immediately reset all passwords associated with the leak. Use strong, unique passwords that are not reused across platforms.

Enabling multi-factor authentication: Whenever possible, enable multi-factor authentication. This adds an extra layer of security by requiring additional information during login.

Using a password manager: Consider using password manager software to create and securely store complex passwords on your devices.

In another data breach, AT&T reported on Friday, July 12, that a hacker downloaded and released call and text records of tens of millions of customers between May and October 2022.

The breach did not include the contents of calls and messages, and information such as names, Social Security numbers and birthdates was not compromised. AT&T will notify current and former customers if their information was affected.

Tags: AT&T, Big Tech, Cyber attack, cyber crimes, data breach, Hackers, Tech, User data

[LAUREN TAYLOR]

NEARLY 10 BILLION UNIQUE PASSWORDS — LEAKED ON A POPULAR HACKING FORUM – IN WHAT RESEARCHERS AT CYBERNEWS ARE CALLING “THE LARGEST PASSWORD COMPILATION.”

THEY SAY THE NUMBER IS STAGGERING — (WITH 9,948,575,739 UNIQUE PLAINTEXT PASSWORDS) THE DATA UPLOADED TO A FILE TITLED “ROCKYOU2024” AND THEY’RE REAL PASSWORDS USED BY PEOPLE ALL OVER THE WORLD.

SO, WHAT DOES THIS MEAN FOR YOU?

THE TEAM AT CYBERNEWS SAYS THIS CAN INCREASE THE RISK OF CREDENTIAL STUFFING ATTACKS – WHICH CAN BE DAMAGING FOR USERS AND BUSINESSES.

A CREDENTIAL STUFFING ATTACK CAN HAPPEN WHEN CYBERCRIMINALS USE THE LEAKED INFORMATION AND ATTEMPT TO GAIN ACCESS TO OTHER UNRELATED SERVICES.

RESEARCHERS SAY ATTACKERS CAN USE THE INFORMATION FROM ROCKYOU2024 “TO TARGET ANY SYSTEM THAT ISN’T PROTECTED AGAINST BRUTE-FORCE ATTACKS” WHICH “CAN CONTRIBUTE TO A CASCADE OF DATA BREACHES, FINANCIAL FRAUDS, AND IDENTITY THEFTS.”

BUT THEY SAY THERE ARE STEPS YOU CAN TAKE TO PROTECT YOURSELF.

FIRST, CYBERNEWS SAYS YOU SHOULD IMMEDIATELY RESET ALL PASSWORDS ASSOCIATED WITH THE LEAK – AND USE A STRONG, UNIQUE PASSWORD NOT TO BE USED ACROSS ALL PLATFORMS.

THEN, ENABLE MULTI-FACTOR AUTHENTICATION WHEN POSSIBLE – THIS WILL REQUIRE ADDITIONAL INFORMATION TO LOG-IN TO YOUR ACCOUNTS.

AND LAST, USE A PASSWORD MANAGER SOFTWARE WHICH CAN CREATE AND STORE COMPLEX PASSWORDS ON YOUR DEVICES.

IN ANOTHER CYBER SECURITY ATTACK –

AT&T SAYS – A HACKER DOWNLOADED AND RELEASED CALL AND TEXT RECORDS OF TENS OF MILLIONS OF CUSTOMERS – FROM MAY THROUGH OCTOBER 2022.

THE CONTENTS OF THE CALLS AND MESSAGES ARE NOT INCLUDED IN THE BREACH ACCORDING TO A NEWS RELEASE. iT ALSO SAID INFORMATION OF CUSTOMERS LIKE NAMES, SOCIAL SECURITY NUMBERS AND BIRTHDATES WERE NOT INCLUDED.

AT&T SAYS THEY DON’T BELIEVE THE INFORMATION IS PUBLICLY AVAILABLE AND THEY WILL BE NOTIFYING CURRENT AND FORMER CUSTOMERS IF THEIR INFORMATION WAS INVOLVED.

FOR SAN, I’M LAUREN TAYLOR.

FOR MORE UNBIASED, STRAIGHT FACTS – DOWNLOAD THE SAN APP.