Posted on 06/09/2021 6:47:55 AM PDT by ken in texas
Shortly before Apple CEO Tim Cook took the virtual stage at the iPhone maker’s Apple Park headquarters campus for WWDC 2021 on Monday — at which the company unveiled a ton of new software updates, including some major new privacy enhancements — an email landed in my inbox underscoring how critical those privacy features are going to be once they roll out with iOS 15. Basically, there’s been another huge data leak, this time exposing several billion passwords in what just might be the biggest dump of passwords online ever.
This news comes via the team at CyberNews, which reports that a 100GB text file containing a staggering 8.4 billion password entries was just leaked on a popular hacker forum. This data set presumably combines passwords stolen via previous data breaches and leaks, and it’s been dubbed the “RockYou2020” password leak on that hacker forum. That name was apparently chosen, per CyberNews, as a nod to the RockYou data breach from back in 2009, “when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text.”
--- end excerpt ---
(Excerpt) Read more at bgr.com ...
This might be the mother of all password leaks, with billions of credentials exposed.
8.4 Billion Passwords Hacked, Leaked Online. Check to See if Yours Is Among Them.
If this is true it might be ping-worthy.
Thanks to ken in texas for the ping!
I’m always cautious when they want your email. Why check, just change passwords to be safe.
I saw that article in the Liberty Daily. It has links to check if your email or password has been compromised. Or is it to ensure your email address and password ARE compromised?
I looked at these articles. What is missing is where were these passwords stored? Apple? It is not clear. If the article was clear about where the passwords were that were leaked, then a person could understand if they have exposure or not.
I think password leaks are the cause of 99% of hacking. Thus the solution needs to better password schemes.
Here are three possibilities:
1. Require two or more different passwords to be entered by two or more different designated people.
2. Have a delay of some amount of time before the password is accepted, and notify designated individuals during the delay period that entry has been requested and by whom.
3. Allow password entry only at certain times. I think bank vaults aren’t openable except at a certain time each day.
I have several email accounts that have been compromised.
Also, check accounts like LinkedIn, Facebook, etc.
I have been changing passwords all morning.
You both raise valid points. Just putting the info out there.
And it’s appreciated.
About the only defense we have is to change critical passwords regularly and have one email account that is strictly for financial business. I’ve even considered buying a cheap Chromebook to use only for banking and investment log-ins.
I work in IT and I have to manage at least 40 passwords each on a different change schedule . So many passwords that I have to manage the in a password protected spreadsheet.
I would say that at least 20% of my day is putting in a damned system password. I would get no work done if I had to wait for a second person to sign in for everything I did.
I like that.
My password’s as safe as can be: “Password”
I have worked at technology companies since the 70’s.
In the 80’s, engineers - Dilbert types, all brought their OWN computers to work. We had TI-99’s, Commodore 64’s and 128’s, TRS-80’s, Macintoshes and even Timex Sinclairs ................................
I had one!
With the 16k memory pack!................
Ah, the good old days. ;-)
Those are collectible.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.