Hacker leaks nearly 10 billion passwords in biggest theft ever: Report – Firstpost


According to a report, a hacker has achieved the biggest feat ever by leaking nearly 10 billion passwords.

This leak is the latest incident of a large amount of hacked passwords and personal passwords being leaked on the internet. Earlier this year, up to 12 terabytes of data was leaked online which included about 26 billion digital records stolen from platforms such as LinkedIn, Twitter, Weibo and Tencent.

Now, Cyber ​​News has reported that a user calling himself 'Obamacare' has leaked a total of 9,948,575,739 unique passwords in a dataset called 'RockU2024' on a popular hacking forum on the Internet. The dataset was posted on the forum on Thursday.

This is not the first time that 'Obamacare' has posted stolen data on the Internet. Previously, the report said the user shared the employee database of law firm Simmons & Simmons, a lead from online casino AskGamblers, and applications for Rowan College in New Jersey.

The 'RockU2024' dataset has been compiled over several years, the report says

Cyber ​​News researchers who studied the dataset said that this dataset has been compiled for more than 10 years and the dataset released this week is its third part.

The report quoted researchers as saying that the 'RockU2024' dataset is a compilation of many newly stolen passwords and many previously stolen passwords.

In 2021, a dataset called 'RockYou2021' was released that contained about 8.4 billion stolen passwords. The dataset released this week has added another 15 billion passwords to this database.

According to the report, the dataset uploaded in 2009 was based on another dataset released in 2009, which contained “hundreds of millions of user passwords for social media accounts.”

What harm can such a leak do to you?

The leaked passwords in such datasets can be used for credential stuffing attacks and brute force attacks.

A credential stuffing attack refers to the practice of criminals using a password stolen from one device or account to gain access to another device or account. The premise is that users often use the same password across different accounts, so criminals rely on such passwords to gain access to other or all users' accounts.

Brute force attacks refer to criminals using a trial and error method to systematically guess sign-in information, passwords, and encryption keys.

CyberNews researchers said the 10 billion database could be used to target everything from online to offline services, internet-facing cameras and industrial hardware.

“Furthermore, together with other databases leaked on hacker forums and marketplaces, which contain, for example, user email addresses and other credentials, RockYou2024 could contribute to data breaches, financial fraud, and identity theft,” CyberNews researchers said.

Breaking News

Find us on Youtube

Subscribe

Leave a Comment

“The Untold Story: Yung Miami’s Response to Jimmy Butler’s Advances During an NBA Playoff Game” “Unveiling the Secrets: 15 Astonishing Facts About the PGA Championship”