A 100 GB text file containing 8.4 billion passwords has been leaked and is now online on a famous hacker forum. It is named “RockYou2021”, a reference to the infamous RockYou data breach back in 2009.
It is considered to be the largest collection of leaked data of all time. CyberNews also stated that the information was most likely collected from previous data thefts.
According to the same individual, the collection contained 82 billion passwords. However, after conducting its own testing, CyberNews discovered that the real figure was roughly 10 times lower, at 8,459,060,239 entries. When the attackers got into the website app’s server, they gained access to more than 32 million user passwords stored in plain text. According to the user’s remarks, the passwords in the collection range from 6 to 20 characters, with non-ASCII characters and white spaces eliminated. The 32 million passwords that were exposed in this event were stored unencrypted, making brute-force access easy for hackers.
“Any password leaks of large volumes are always alarming to hear and should be taken seriously,” said Blue Hexagon CTO and co-founder Saumitra Das. “Our own investigation of this report has shown that quite a large number of account passwords are recycled from previous breaches and not necessarily active.”
For the time being, CyberNews recommends that individuals concerned about their passwords and other sensitive information being disclosed take a few steps.
“Companies and users need to treat these developments as a wake-up call to end their overblown reliance on passwords,” said Veridium’s chief revenue officer, Rajiv Pimplaskar. “Passwordless authentication methods such as phone as a token and/or FIDO2 security keys are now commonly available. Such solutions create an unphishable connection between the user and the IT system and eliminate the need for a password, thereby reducing the attack surface and making the environment more resilient against cyberattacks.”