July 4, 2024, brought cybercrime fireworks worldwide as 10 billion passwords (yes, that’s 10 with 9 MORE ZEROS – 10,000,000,000) were leaked on a hacking forum. It’s being called RockYou2024, and it is the biggest password leak in history, at least for now. However, the info dump consists primarily of previously leaked passwords, including another gigantic leak of 8.4 billion passwords that was dubbed RockYou2021. While some hackers have started recycling their bag of dirty tricks, that does not lessen the threat to you and your organization.
This password leak represents stolen information from at least 4,000 databases over the last twenty years. According to Cybernews, “Attackers can utilize the ten-billion-strong RockYou2024 compilation to target any system that isn’t protected against brute-force attacks. This includes everything from online and offline services to internet-facing cameras and industrial hardware.”
What should you do right now about the password leak?
- Change ALL your passwords. Do NOT REUSE old passwords or use the same password for multiple accounts. Follow strong password protocols—at least eight characters; a mix of lower and upper-case letters, numbers, and symbols; no personal names or dates.
- Monitor all your accounts for unauthorized transactions.
- Enable multi-factor authentication where possible to add an extra layer of security.
- Watch for phishing attempts by email, phone call, and text message.
- Guard your personal information. Why does an organization need your birthdate or email address? Think twice as you fill out forms, online or on paper, even with entities you might already have a connection to.
- Recognize your vulnerabilities. If you are a social media user, examine how much personally identifiable information (PII) you post. Privacy settings are no guarantee, with hackers working diligently to steal and disrupt.
- Change those passwords. NOW!
The numbers are becoming mind-numbing when we hear about leaked passwords or organizations breached by cybercriminals. At this point, the only safe assumption about your cyber security is that you cannot afford to let your guard down.
Allow Commonwealth Sentinel to be your partner in risk reduction and ensuring the well-being of all. Our comprehensive services range from software and hardware solutions to training and policy implementation. Click here to set up a free cyber security consultation or contact us at (502) 320-9885 to learn more about how we can help you achieve peace of mind.