The largest password compilation seen to date, RockYou2024, has been posted on a popular hacking forum; it contains nearly ten billion unique plaintext passwords. According to the Cybernews research team, the leak is especially dangerous for users who reuse the same password across services.
On July 4, 2024, a file named RockYou2024.txt was posted to the forum by a user going by ObamaCare. The account was registered in May 2024 but had already shared the employee database of the law firm Simmons & Simmons, data from the online casino AskGamblers, and student applications from Rowan College at Burlington County.
The Cybernews team compared the passwords in RockYou2024 against their own Leaked Password Checker database and found that the passwords came from a mix of old and new data breaches. The researchers noted that RockYou2024 is a compilation of real passwords used by people around the world, which makes it a ready-made wordlist for credential stuffing attacks.
RockYou2024: A new wave of threats
Credential stuffing attacks can cause serious harm to users and businesses. For example, Santander, Ticketmaster, Advance Auto Parts, and QuoteWizard were recently compromised through attacks that used stolen credentials against their accounts at the cloud data provider Snowflake. The research team highlighted that RockYou2024 could let threat actors gain unauthorized access to a wide range of online accounts by trying passwords from the dataset against login endpoints, whether as credential stuffing (replaying leaked username and password pairs) or as brute-force guessing with the list as a dictionary.
As with RockYou2021 before it, this file is not the product of a single new breach. The Cybernews team noted that RockYou2024 was assembled by scraping data leaks already published on the internet, and that the dataset grew by about 15% between 2021 and 2024, with 1.5 billion new passwords added.
The name goes back to the 2009 breach of the company RockYou, which exposed tens of millions of plaintext passwords for social media accounts; the 2021 compilation expanded on that original list, and later additions pulled in data from more than 4,000 databases. The Cybernews team believes RockYou2024 could be used against any system that does not defend itself against brute-force attacks, including online and offline services, internet-connected cameras, and industrial equipment.
Additionally, when cross-referenced with other databases leaked on hacker forums and marketplaces, RockYou2024 could link passwords to usernames, e-mail addresses, and other personal details, forming a chain of data that leads to further breaches, financial scams, and identity theft, Cybernews said.
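The practical defence on the receiving end is to recognise the replay of a compilation like this in your own authentication logs. The following is an added example, not code from Cybernews or from the article: it parses constructed sample log lines (timestamp, source IP, username, result) and flags any source IP that cycles through many distinct usernames in a short window with mostly failed logins, which is the signature of credential stuffing rather than a user mistyping their own password. The log format, thresholds, and IP addresses are assumptions for illustration.

```python
"""Flag credential-stuffing sources in authentication logs.

A leaked compilation such as RockYou2024 gets replayed against many accounts,
so the signature is one source IP cycling through many distinct usernames in
a short window with mostly failures. A legitimate user who mistypes a
password looks different: one username, a few attempts, then success.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real traffic). Format: timestamp src_ip username result
SAMPLE_LOG = """\
2024-07-05T10:00:01Z 203.0.113.7 alice FAIL
2024-07-05T10:00:02Z 203.0.113.7 bob FAIL
2024-07-05T10:00:02Z 203.0.113.7 carol FAIL
2024-07-05T10:00:03Z 203.0.113.7 dave OK
2024-07-05T10:00:03Z 203.0.113.7 erin FAIL
2024-07-05T10:00:04Z 203.0.113.7 frank FAIL
2024-07-05T10:00:05Z 203.0.113.7 grace FAIL
2024-07-05T10:00:09Z 198.51.100.4 alice FAIL
2024-07-05T10:00:15Z 198.51.100.4 alice FAIL
2024-07-05T10:00:40Z 198.51.100.4 alice OK
2024-07-05T11:30:00Z 203.0.113.7 heidi OK
"""


def parse_log(text):
    """Parse lines into (timestamp, src_ip, username, success) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result == "OK"))
    return events


def find_stuffing_sources(events, window=timedelta(minutes=5), min_users=5, max_success_ratio=0.5):
    """Return a dict of suspicious source IPs.

    An IP is flagged when some sliding window of length `window` contains login
    attempts against at least `min_users` distinct usernames and the fraction
    of successes is at most `max_success_ratio`. The reported window is the one
    with the most distinct usernames; its successful logins are listed as
    `compromised`, because those sessions came from the stuffing source and the
    affected accounts should be forced through a password reset.
    """
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)

    flagged = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(evs)):
            # Advance the window start until the span fits within `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            win = evs[start:end + 1]
            users = {e[2] for e in win}
            n_success = sum(1 for e in win if e[3])
            if len(users) >= min_users and n_success / len(win) <= max_success_ratio:
                if ip not in flagged or len(users) > flagged[ip]["users"]:
                    flagged[ip] = {
                        "users": len(users),
                        "attempts": len(win),
                        "successes": n_success,
                        "compromised": sorted({e[2] for e in win if e[3]}),
                        "window_start": win[0][0].isoformat(),
                    }
    return flagged


if __name__ == "__main__":
    for ip, info in find_stuffing_sources(parse_log(SAMPLE_LOG)).items():
        print(ip, info)
```

On the sample, 203.0.113.7 is flagged (seven usernames in five seconds, one success) and the account `dave` is reported as compromised, while 198.51.100.4, a single user failing twice and then logging in, is not. In production the same logic runs over your identity provider's sign-in events, and the thresholds should be tuned to the size of your user base and the traffic behind shared NAT addresses.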
Protection methods against RockYou2024
Users and organizations affected by the RockYou2024 leak can reduce these risks with a few precautions. The Cybernews research team recommends immediately resetting the passwords of all accounts associated with the leaked passwords and choosing a strong, unique password for each one. It also recommends enabling multi-factor authentication (MFA) wherever it is available and using a password manager to generate and store complex passwords. Since the value of the compilation lies in password reuse, any password that appears in it should be treated as burned on every service where it was ever used, not only on the one it originally leaked from.
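Services can enforce the same advice at password-change time by rejecting any new password that appears in a leaked compilation. The following is an added example, not Cybernews code and not how their Leaked Password Checker is implemented: it indexes a constructed sample of leaked passwords by SHA-1 hash and answers lookups by 5-character hash prefix, so the client never sends the plaintext or even the full hash (the k-anonymity range-query pattern). The sample list, the hash choice, and the helper names are assumptions for illustration.

```python
"""Reject new passwords that appear in a leaked-password compilation without
sending the plaintext to the checking service.

Assumed design (not from the article): the compilation is indexed as SHA-1
hashes keyed by their first 5 hex characters. The client hashes locally,
sends only the 5-character prefix, receives every suffix under that prefix,
and does the final match itself. Here the "server" is an in-memory dict
built from a constructed sample so the example runs offline.
"""
import hashlib
from collections import defaultdict

# Constructed sample standing in for the compilation (not real leaked data).
SAMPLE_LEAK = ["123456", "password", "qwerty", "iloveyou", "rockyou", "Summer2024!"]

HEX = set("0123456789ABCDEF")


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the password; 40 characters."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_index(passwords):
    """Index the compilation: 5-char hash prefix -> set of 35-char suffixes."""
    index = defaultdict(set)
    for pw in passwords:
        h = sha1_hex(pw)
        index[h[:5]].add(h[5:])
    return index


def range_lookup(index, prefix: str):
    """Server side: return every suffix stored under a 5-character prefix.

    The server learns only the prefix, which matches many unrelated hashes,
    so it cannot tell which password the client is checking.
    """
    if len(prefix) != 5 or any(c not in HEX for c in prefix):
        raise ValueError("prefix must be exactly 5 uppercase hex characters")
    return sorted(index.get(prefix, ()))


def is_leaked(index, password: str) -> bool:
    """Client side: hash locally, query by prefix, match the suffix locally."""
    h = sha1_hex(password)
    return h[5:] in range_lookup(index, h[:5])


def validate_new_password(index, password: str, min_len: int = 12):
    """Return the list of reasons a password is rejected; empty means accepted."""
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if is_leaked(index, password):
        problems.append("appears in a leaked-password compilation")
    return problems


if __name__ == "__main__":
    idx = build_index(SAMPLE_LEAK)
    for candidate in ["Summer2024!", "correct horse battery staple"]:
        print(candidate, "->", validate_new_password(idx, candidate) or "accepted")
```

Against a real compilation the index would live in a database rather than a dict, but the split of responsibilities is the point: a user's candidate password never leaves their machine, and a compromised or logging checker learns only a prefix shared by thousands of hashes. Pair this check with MFA and login throttling; a blocklist stops the weakest passwords, it does not stop a reused strong one that leaked elsewhere.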
Cybernews will add the RockYou2024 data to its Leaked Password Checker so that users can check whether their credentials appear in this record-breaking leak. It is the second record-breaking collection to surface online in 2024: earlier in the year, Cybernews discovered the MOAB (Mother of All Breaches), a 12-terabyte exposed dataset containing 26 billion records.