A hacker, who goes by the name “ObamaCare”, has leaked 995 crore passwords, as per Forbes. The information was released under a dataset named Rockyou2024 on Thursday, the report added.
As per researchers, it is considered the largest password data breach of all time.
“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” researchers at Cybernews said.
“Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorised access to various online accounts used by individuals who employ passwords included in the dataset,” they added.
As per the researchers, the passwords have been leaked with the help of a mix of old and new data breaches.
“Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team said.
But this isn't the first time Rockyou2024 has leaked passwords. Before this, hackers leaked around 8.4 billion plain text passwords, the report added.
People are advised to follow cyber hygiene practices to avoid falling prey to online crime. In April, the University Grant Commission asked all higher educational institutions (HEIs) to participate in a webinar on 'Cyber Hygiene'.
"As per the directions of the Ministry of Home Affairs to promote mass awareness of students in the prevention of cybercrime, all higher education institutions (HEIs) are requested to participate in a 1-hour live webinar on 'Cyber Hygiene' by the Indian Cyber Crime Coordination Centre (l4C), Ministry of Home Affairs, scheduled for April 3, 2024, Wednesday from 2:00 PM to 3:00 pm," read the official notification by UGC.