Connect with us

Hi, what are you looking for?

HEADLINES

Ten billion passwords got leaked. How to mitigate risks and protect yourself?

The database, named “rockyou2024.txt,” reportedly contains nearly 10 billion unique passwords, collected from thousands of data leaks. This massive compilation surpasses the previous record holder RockYou2021 by adding 1.5 billion new passwords.

In a significant security breach RockYou2024, nearly 10 billion unique passwords have been leaked on a widely recognized cyber forum. This record-setting release of passwords was sourced from decades of data breaches and has the potential to be exploited in future attacks.

The database, named “rockyou2024.txt,” reportedly contains nearly 10 billion unique passwords, collected from thousands of data leaks. This massive compilation surpasses the previous record holder RockYou2021 by adding 1.5 billion new passwords.

In response, Kaspersky’s experts have issued practical guidance to help users protect themselves in the aftermath of the extensive data compromise:

·        Check the breach impact

Advertisement. Scroll to continue reading.

When a data breach occurs, the first thing a user is advised to do is to check whether their data has been affected. Modern security solutions enable the detection of leaked data and provide alerts to enhance security measures if necessary. As well as internal services, there are some public sources that could help to detect whether personal data has been leaked or not.

·        Change your passwords as soon as possible

In the event of a data breach, it is essential to change your passwords immediately and consider all other sites where the same password is being used. New passwords should be unique for each account, be at least 8 characters long, combine letters with numbers and symbols. In order to check whether a combination is strong enough, a password checker can be employed.   

·        Block and reissue your bank card, if necessary

If payment data was stored by a service that experienced a data breach, it is best to block and reissue a card for added security. Usually reissuing a bank card doesn’t take too much time and effort, therefore preventing a greater inconvenience.

Advertisement. Scroll to continue reading.

·        Install a reliable password manager

A tool like this creates strong passwords and stores them securely in an encrypted vault. Besides, it is enabled to monitor data leaks and check if user’s passwords were compromised.

·        Don’t forget about two-factor authentication

Recent survey by Kaspersky[SM1]  revealed how easily compromised accounts can be without 2FA and strong passwords. To protect an account from unauthorized access, it is highly recommended to set up 2FA. This can be accomplished by receiving a confirmation via SMS, email, or using an authentication app or password manager that generates one-time codes.

·        Securely close unused accounts

Advertisement. Scroll to continue reading.

If there are no plans to continue using a service after a data leak, it is advisable to delete the account and request the complete removal of all collected data by contacting technical support or the address in the Privacy Policy. This step, often outlined in the “Your Rights” section of legitimate services, can also reveal the extent of data exposure.

·        Share only the essential minimum of personal information online

As massive service leaks are not uncommon, it is recommended to minimize information provided to a service. When you register, using a main email address is unnecessary: auto-substitution can be used instead. Additionally, if not required, omit the real name and residence address.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

GCash, a financial super app and cashless ecosystem, reaffirmed its commitment to trust, security, and collaboration with customers, stakeholders, and law enforcement to ensure...

HEADLINES

Senator Mark Villar recently filed a resolution seeking a senate inquiry on the trade of International Mobile Subscriber Identity (IMSI) catchers, which allow fraudsters...

HEADLINES

Under the DSA, Globe and GoTyme may share with digital bank GoTyme information about mobile numbers potentially used by fraudsters, including names, addresses, and...

HEADLINES

In 2024, Converge blocked a record 183 billion entry attempts to  683,000 URLs / domains it has registered in its system as illegal sites....

HEADLINES

HP threat researchers observed large campaigns spreading VIP Keylogger and 0bj3ctivityStealer malware that leverage the same techniques and loaders, suggesting the use of malware...

HEADLINES

Task scammers often impersonate representatives of notable brands such as Shopee Mall or Shopee’s HR Recruitment Team, luring victims with fake part-time or full-time...

HEADLINES

Palo Alto Networks predicts that 2025 is the year deepfakes go mainstream in Asia Pacific. If high-profile individuals can fall victim to identity fraud, children...

HEADLINES

Data privacy is more critical than ever, especially when social media platforms, AI chatbots and connected devices have increased publicly available digital footprints. This...

Advertisement