The team of researchers from the news outlet cybersecurity Cybernews has discovered what they call ‘the largest collection of passwords in history’. It is a file called Rockyou2024.txt which includes a total of 9,948,575,739 unique passwords and has been posted on an unspecified popular hacking forum. The file, a collection of passwords belonging to already known security breaches and new ones, It is especially dangerous for those users who are used to reusing them.. That is, the majority.
Rockyou2024 was posted on July 4 by user ObameCare. He had registered on the forum in late May. Prior to this post, he had posted databases of law firm employees Simmons & Simmonsfrom the online casino AskGamblers and students of the Rowan College in Burlington County, New Jersey.
‘Threat actors could exploit Rockyou2024’s password compilation to perform Brute force attacks and gaining unauthorized access to several online accounts used by people using passwords included in the dataset,’ Cybernews researchers explained. They claim that recent security breaches, such as those suffered by the Santander Bank and Ticketmasterwere a consequence of Credential stuffing attacks against a cloud service provider for these companies, Snowflake. A collection such as Rockyou2024 favors this type of attacks, which can be carried out against all types of targets that are not prepared to counter them, from online and offline services to IoT devices and industrial hardware.
Rockyou2024 follows two other compilations known as Rockyou2009 and Rockyou2021. The 2009 one contained 32 million passwords. The 2021 figure grew to 8.5 billion These have already been added another 1.5 billion of new passwords leaked since then. In total, the list contains information from 4,000 databases stolen over two decades.
‘Furthermore, combined with other databases leaked on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, Rockyou2024 can contribute to a cascade of data breaches, financial fraud and identity theft‘, the researchers noted.
How to know if your password is among the leaked ones
Cybernews has made available to users a tool with which they can check if the passwords they use are collected on Rockyou2024. If so, It is necessary to change it in all the places where it is being used.as well as enabling multi-factor authentication (MFA), whenever possible.
Update 10/7:
Snowflake has contacted La Razón to confirm that the statement that “(Cybernews researchers) claim that recent security breaches such as those suffered by Banco Santander and Ticketmaster were the result of credential stuffing attacks against a cloud service provider for these companies, Snowflake” is not correct.
Snowflake notes that “we have not identified evidence to suggest that this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform” following the results of the investigation conducted by cybersecurity expert Mandiant. “Mandiant’s investigation has not found any evidence to suggest that unauthorized access to Snowflake customer accounts was the result of a breach of Snowflake’s business environment,” the company says.