Hackers released data on 8.4 billion passwords this week and posted the information online. This might be the largest dump of passwords online ever.
Surprisingly, this is not making many headlines in the mainstream media.
Published June 8, 2021 – BGR MSN reported:
This news comes via the team at CyberNews, which reports that a 100GB text file containing a staggering 8.4 billion password entries was just leaked on a popular hacker forum. This data set presumably combines passwords stolen via previous data breaches and leaks, and it’s been dubbed the “RockYou2020” password leak on that hacker forum. That name was apparently chosen, per CyberNews, as a nod to the RockYou data breach from back in 2009, “when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text.”
If you’re reading these words, suffice it to say you probably need to change your passwords. Today, even. That’s because this new password leak is comparable in scale to the so-called “Compilation of Many Breaches,” or COMB, that we wrote about earlier this year. That previous compilation was essentially a giant database of more than 3.2 billion email-and-password pairings based on existing data that had been stolen as part of previous breaches and leaks from companies like Netflix and LinkedIn.
This new leaked password dataset, of course, is more than double that previous collection. And when you stop and consider that there are more than 7 billion people in the world, this means that there’s a strong likelihood that one of your myriad passwords is very likely caught up in this leak. CyberNews is recommending that anyone who wants to check and see if their passwords are included in this dataset should visit the CyberNews personal data leak checker or the leaked password checker, where password entries from the RockYou2021 compilation are being uploaded.
“By combining 8.4 billion unique password variations with other breach compilations that include usernames and email addresses, threat actors can use the RockYou2021 collection to mount password dictionary and password spraying attacks against untold numbers of online accounts,” CyberNews notes.
Found a few other websites sharing the same article. Onya Cairns News. I also put in an email address to the link, as I changed by AV product from Norton to Bitdefender 18 mths ago on advice from an IT Consultant and through personal research and reading copious PC Magazines on best AV product and specifications. Been no issues and email address not detected.
Sourced this website (amongst a few) that are also sharing this news of the PW hack. https://www.techrepublic.com/article/billions-of-passwords-leaked-online-from-past-data-breaches/ I went onto the Cyber News link on this Cairns News article and typed in an email address. It came up “We haven’t found your data among the leaked ones.” Phew. However, 18 mths ago, I changed my AV from Norton to Bitdefender based on an IT Consultant’s opinion, some personal research and reading copies of PC magazines for best AV and their specifications. Happy I changed AV provider.
Just more evidence why we DON’T need social media.