A file containing a compilation of more than 8.4 billion passwords was leaked on a hacker forum. The author posted the document in text format; it contains 100 GB of records and is made up of previous leaks and new occurrences over the past few years.
To get an idea of the size of what is being considered the largest password leak of all time, keep in mind that there are 4.7 billion people connected to the internet today. The number of passwords leaked in the compilation is therefore almost double this number.
According to the author of the forum post, all passwords included in the leak are 6 to 20 characters long (non-ASCII characters and whitespace have been removed). The website CyberNews ran its own tests to reach what it calls the exact number of passwords: 8,459,060,239. The compilation was dubbed “RockYou2021” by the forum user, a name that refers to a massive leak of user data and passwords that occurred in 2009. At the time, RockYou, a company that develops widgets for social networks, suffered a data breach that resulted in 32 million accounts being leaked in plain text.
Now, 12 years later, the new compilation is a password leak 258 times larger. RockYou2021 is being compared to COMB21 (acronym for Compilation of Many Breaches), which has been circulating on the internet since February of this year with 3.2 billion exposed passwords (including 68,535 passwords linked to email addresses with domains linked to the Brazilian government). The RockYou2021 compilation includes passwords leaked in COMB21, as well as passwords from several other databases.
How criminals can use the leak and what can be done to protect yourself
By combining 8.4 billion unique password variations with other breach compilations that include usernames and email addresses, cybercriminals can use the RockYou2021 compilation to assemble a password dictionary and launch password spraying attacks against countless online accounts. In short, this type of attack sprays small handfuls of commonly used passwords across a large number of accounts. Since most people use the same password for multiple apps and websites, when one account is compromised by password spraying, many others are affected in parallel.
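From the defender's side, the pattern described above (a few common passwords tried against many accounts) shows up in authentication logs as one source failing against many distinct usernames with very few tries each. The following is an added example, not part of the original article; the log format, thresholds and sample events are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events: timestamp, source IP, username, outcome.
# IPs come from documentation ranges; usernames are made up.
SAMPLE_LOG = """\
2021-06-08T10:00:01 198.51.100.7 alice FAIL
2021-06-08T10:00:09 198.51.100.7 bob FAIL
2021-06-08T10:00:15 198.51.100.7 carol FAIL
2021-06-08T10:00:22 198.51.100.7 dave OK
2021-06-08T10:00:30 198.51.100.7 erin FAIL
2021-06-08T10:00:41 198.51.100.7 frank FAIL
2021-06-08T10:01:00 203.0.113.20 grace FAIL
2021-06-08T10:01:05 203.0.113.20 grace FAIL
2021-06-08T10:01:11 203.0.113.20 grace FAIL
2021-06-08T10:01:30 203.0.113.20 grace OK
2021-06-08T10:02:00 192.0.2.44 heidi FAIL
2021-06-08T10:02:20 192.0.2.44 heidi OK
"""

def parse(log):
    """Yield (time, source, user, outcome) tuples from the assumed log format."""
    for line in log.splitlines():
        ts, src, user, outcome = line.split()
        yield datetime.fromisoformat(ts), src, user, outcome

def detect_spraying(log, window=timedelta(minutes=10), min_accounts=5, max_tries=2):
    """Flag sources that fail against many accounts with few tries per account."""
    by_src = defaultdict(list)
    for event in sorted(parse(log)):
        by_src[event[1]].append(event)
    alerts = {}
    for src, events in by_src.items():
        fails = [e for e in events if e[3] == "FAIL"]
        start = 0
        for end in range(len(fails)):
            # Slide the window so it never spans more than `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            tries = Counter(e[2] for e in fails[start:end + 1])
            # Many accounts, few tries each: spraying rather than a user
            # mistyping or a brute-force run against a single account.
            if len(tries) >= min_accounts and max(tries.values()) <= max_tries:
                # Successful logins from a flagged source need review:
                # one of the sprayed passwords may have matched.
                ok = sorted({e[2] for e in events if e[3] == "OK"})
                alerts[src] = {"accounts": len(tries), "succeeded": ok}
    return alerts
```

On the sample data only 198.51.100.7 is flagged; the user who mistyped a password three times and the one who mistyped it once are not.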
CyberNews reports that it is loading the password entries from the RockYou2021 compilation into its personal data leak check and leaked password check tools, and it is now possible to check the status of emails, telephone numbers and passwords in relation to current or previous leaks. Anyone can access the tools, which are easy to use.
If your data has been compromised, make sure to change the passwords on your online accounts and always enable two-factor authentication, one of the main procedures for preventing data leakage. It is also very important to be careful with incoming emails, unsolicited texts and phishing messages. Don't click on anything that looks suspicious, including emails and text messages from senders you don't recognize. You can also follow these 6 tips to avoid cell phone scams that we posted here.
Via: BGR
Image: Markus Spiske/Pixabay/CC