Click to Skip Ad
Closing in...

10 billion stolen passwords shared online in record-breaking leak

Published Jul 5th, 2024 8:31PM EDT
Nearly 10 billion passwords have been leaked online.
Image: Sean Gladwell/Getty Images

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Months after the so-called “mother of all breaches” was uncovered in January, another record-breaking leak has been posted online. According to the Cybernews research team, a password compilation containing nearly 10 billion unique plaintext passwords (9,948,575,739 to be exact) was published on a hacker forum on July 4th.

The password compilation file from user ObamaCare is titled rockyou2024.txt — a reference to RockYou2021, which was previously the largest password compilation on record. RockYou2021 was a 100 GB text file containing 8.4 billion plaintext passwords.

Cybernews claims that RockYou2024 combines the previous leak with a collection of more than 1.5 billion new passwords collected between 2021 and 2024.

RockYou2024 contains nearly 10 billion passwords.
RockYou2024 contains nearly 10 billion passwords. Image source: Cybernews

The Cybernews research team warns that threat actors will use all of the leaked passwords for credential stuffing, which is a cyberattack that uses stolen account credentials to gain access to user accounts. Combined with older leaked databases, researchers believe “RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts.”

There’s obviously nothing you can do to reverse this leak, but Cybernews did share a few steps you can take to ensure that your accounts are safe from threat actors:

  • Immediately reset the passwords for all accounts associated with the leaked passwords. It is strongly recommended to select strong, unique passwords that are not reused across multiple platforms
  • Enable multi-factor authentication (MFA) wherever possible. This enhances security by requiring additional verification beyond a password
  • Utilize password manager software to securely generate and store complex passwords. Password managers mitigate the risk of password reuse across different accounts

It’s always worth checking HaveIBeenPwned.com every month or so to see if your passwords need to be updated due to your online accounts being compromised.

Jacob Siegal
Jacob Siegal Associate Editor

Jacob Siegal is Associate Editor at BGR, having joined the news team in 2013. He has over a decade of professional writing and editing experience, and helps to lead our technology and entertainment product launch and movie release coverage.