According to cybersecurity experts, nearly 10 billion passwords have just leaked onto Internet forums. A trove of social media, email, and other site passwords have leaked, making this one of the biggest data breaches in years.
MAJOR PASSWORD LEAK – In an attack dubbed “RockYou2024,” online cyber criminals have acquired nearly 10 billion passwords from a hacker forum last week. Experts in cyber security warn that the leak will pose a major risk to users who often reuse passwords.
With such a large quantity of passwords stolen, the risk of “credential stuffing” has skyrocketed. In essence, credential stuffing is when a fraudster uses leaked passwords on popular sites, hoping that users are reusing the same ones. Without much effort needed, these criminals can break through website security systems.
Time and time again, experts have strongly advised against re-using passwords for different sites. In a quote from CyberNews, researchers warned that the RockYou2024 hack could allow threat actors to “conduct brute-force attacks” and “gain unauthorized access to various online accounts,” most notably banking accounts.
The question is remains: how can you prevent your information from getting swept up in these leaks? Firstly, turn on multi-factor authentication or 2-step authentication (MFA and 2FA) on your apps. Your accounts will now require a little bit more verification than simply entering a password. This makes it significantly harder for net thieves to get their hands on your information.
Furthermore, make sure you’re using original passwords. In 2019, the National Cyber Security Centre (NCSC) compiled 20 of the most common passwords. The list included the following: 123456, 123456789, qwerty, password, 1111111, 12345678, abc123, 1234567, password1, 12345, 1234567890, 123123, 000000, Iloveyou, 1234, 1q2w3e4r5t, Qwertyuiop, 123, Monkey, Dragon. Recognize any of these? If so, you should change your password as soon as possible. Names, favorite sports teams, common pet names, and fictional characters are popular and therefore easy to guess through brute force.
A good tactic is stringing three random words together, suggests the NCSC, as the best passwords are long albeit simple to remember. Don’t recycle these passwords, either. Use a password manager or a physical password ledger to keep them safe. Follow these tips and avoid being a victim of the next password leak.
Source: Article by The Sun, 9 Jul 2024
Read more of our articles here.