10 Billion Passwords Stolen: Here’s What You Need to Do Now
The Increasing Concern of Cyber Security
In recent years, cybersecurity has become a growing concern for individuals and businesses alike.
The frequency and sophistication of cyber attacks have increased, putting sensitive data and personal information at risk.
Discovery of a Massive Database of Stolen Passwords
In this context, the discovery of a vast database of stolen passwords raises alarming questions about the protection of our online credentials.
Cybersecurity researchers at Cybernews have identified a database containing 10 billion unique passwords, collected through various cyber attacks over the past decades.
The “ObamaCare” Cybercriminal
This extensive collection of stolen credentials was made public by a cybercriminal known as “ObamaCare.” Initially composed of over 8 billion records, the database has recently seen the addition of another 1.5 billion passwords, bringing the total to 10 billion.
The RockYou2024 Archive
Named RockYou2024, this archive was discovered on BreachForums, a well-known forum for criminal activities.
The passwords appear to come from users worldwide, increasing the scope and severity of the situation.
However, the increase from 8 to 10 billion passwords does not substantially change the status quo: the primary responsibility for one’s cybersecurity remains largely in the hands of the user.
Protecting Your Account
It is crucial for users to be more mindful and careful in choosing their credentials to protect themselves effectively.
The risks of having a compromised password are numerous and include identity theft, unauthorized access to accounts, and financial losses.
To check if their password has been compromised, users can utilize various online verification tools, such as Have I Been Pwned.
Security Best Practices
To defend against these attacks, experts recommend several security best practices.
First, they advise using long, complex passwords that combine uppercase and lowercase letters, numbers, and special characters.
It is preferable to avoid common words or easily guessable sequences, such as “password123” or “qwerty.” Additionally, users should refrain from reusing the same password across multiple sites: if one site is compromised, all other accounts using the same password become vulnerable.
Another crucial measure is enabling two-factor authentication (2FA), which adds an extra layer of security by requiring a second verification factor beyond the password.
This factor can be a code sent to one’s phone, an authentication app, or a specific hardware device.
Lastly, keeping software and operating systems up to date is essential to protect against known vulnerabilities that could be exploited by cybercriminals.