Kaspersky Offer Advice Amid Unprecedented 10bn Password Leak

Kaspersky argues the lessons learned should be one of better cyber hygiene
The RockYou2024 leak has put nearly 10bn unique passwords online, but Kaspersky has identified easy ways to ensure you won't be among those potentially at risk

In a startling development that has sent shockwaves through the cybersecurity community, nearly 10bn unique passwords have been leaked in what is being called the largest compilation of its kind in history. 

The database, dubbed "rockyou2024.txt," was recently shared on a prominent hacking forum, surpassing the previous record holder by 1.5bn passwords.

In response to this massive security breach, Kaspersky, one of Europe’s most-used cybersecurity firms, has issued comprehensive guidance to help users protect themselves from potential threats.

What to be wary of

The RockYou2024 leak represents a significant escalation in the ongoing battle for digital security. 

In fact, this leak builds upon the RockYou2021 leak, which contained 8.4 billion passwords and was, at the time, the biggest.

Published on a well-known hacking forum, this leak was a collection of passwords that have been amassed from thousands of data breaches over decades.

Despite this, it still poses a severe risk to users who reuse passwords across multiple accounts. 

Kaspersky therefore outlined several key steps for users to safeguard their digital identities. 

Actions to implement

First and foremost, individuals are urged to check whether their data has been compromised using available security solutions and public resources. 

If affected, immediate password changes are essential, with an emphasis on creating strong, unique combinations for each account. 

Although a simple remedy, it is surprising how many companies or individuals within them do not address this. 

Mandiant's analysis of the Snowflake data theft found that the affected accounts had their credentials stolen in earlier malware campaigns, but those credentials had not been changed.

Closely related is the lack of variety in the passwords people use. The risk is particularly acute for users who recycle passwords across multiple platforms, as a single compromised account could lead to a cascade of breaches across multiple websites.

Kaspersky therefore advocates for users to install a password manager to securely deal with the credentials of various systems.

These tools can generate and securely store complex passwords, significantly reducing the risk of a number of your accounts being hacked following a leak of one. 

Another issue Mandiant found among those affected in the Snowflake data theft, and one that Kaspersky is also raising, is two-factor authentication. MFA provides an additional layer of security that can thwart attackers even if passwords are compromised. By requiring a second form of verification - such as a fingerprint, a temporary code sent to a mobile device, or a hardware token - MFA significantly raises the bar for potential intruders.

Cyber hygiene as standard

The RockYou2024 leak serves as a stark reminder of the ever-present threats in our digital landscape, and Kaspersky argues the lessons should be one of better cyber hygiene.

It’s a simple, yet effective way to secure the basics of a system from hackers looking to take advantage.

Alongside the main thrusts of threat management mentioned above, the company advises users to regularly review and close unused accounts, minimising their digital footprint and reducing potential attack surfaces.

Additionally, they stress the importance of sharing only essential personal information online, a practice that can limit exposure in future data breaches.

While the scale of this breach is unprecedented, Kaspersky's proactive response provides a clear path forward for users seeking to protect themselves. 



Cyber Magazine is a BizClik brand

