- The best Prime Day phone deals to shop before the deals end
- Last chance best October Prime Day Ring camera deals to shop in 2024 - plus Blink and Arlo camera deals
- Best Prime Day kitchen deals to shop in October 2024: Last chance
- The 65+ best Walmart deals you can shop now: Live updates
- Beats' freshest headphones sound great - and they're 50% off for Prime Day
Nearly 10 billion stolen passwords were leaked on a hacker forum
According to recent reports, nearly 10 billion stolen passwords were leaked onto a hacker forum. 9,948,575,739 unique, plaintext passwords were uploaded to the forum on July 4, 2024 with the file name rockyou2024.txt. It is believed that this compilation is building off of an earlier database of credentials, adding around 1.5 billion new passwords into the database.
With so many passwords exposed, individuals or organizations that frequently reuse passwords may be at risk. Chris Bates, CISO at SandboxAQ, states, “Companies should assume all passwords are compromised and build the correct mitigating controls. Those include phishing resistant MFA, passwordless authentication, and behavior-based detection and response programs to detect malicious use.”
Some researchers question the value of the data added via rockyou2024.txt, asserting that much of the information may be useless to malicious actors. Nevertheless, individuals and organizations are encouraged to bolster their security measures now and in the future.
“It’s imperative for organizations to implement and enforce stringent password policies, educate users about the risks of password reuse and put into action multifactor authentication widespread adoption,” says Dr. Marc Manzano, General Manager of Cybersecurity at SandboxAQ. “Additionally, enhancing overall IT systems security by deploying modern cryptography management platforms will be crucial in defending against large-scale threats leveraging stolen passwords.”