Global password alert: Hackers release 10 billion stolen logins

Everyone with an account on LinkedIn, X (formerly Twitter), MySpace, MyFitnessPal, Canva, Badoo, and several other sites should change their password immediately. Hackers have released over 10 billion login credentials.

The perpetrator stealing nearly 10 billion login records goes by the pseudonym ObamaCare. The hacker boasted about his work, which he named "RockYou2024."

Cybercriminals have acquired 8.4 billion passwords since 2021. The remaining 1.5 billion records are from the period 2021–2024.

Christmas came early this year. I present to you the new RockYou2024 password list containing over 9.9 billion passwords, - wrote the user ObamaCare on the forum.

The entire package containing logins and passwords was published in a .zip file of 49 GB. This data comes from sites:                            

• X (formerly Twitter – 281 million records),
• AdultFriendFinder (220 million),
• MyFitnessPal (151 million),
• LinkedIn (251 million), Adobe (153 million),
• Canva (143 million), Adobe (153 million),
• JD.com (142 million),
• Wattpad (271 million),
• VK (101 million),
• Youku (100 million),
• Badoo (127 million),
• Adobe (153 million),
• Deezer (1369 million),
• MySpace (360 million),
• Weibo (504 million),
• Tencent (1.5 billion).

The two portals with the most stolen login data are Chinese sites. The file regarding the Tencent platform has 1.5 billion records, while the one about the Weibo social platform has 504 million.

Every internet user can check if their data has been stolen by entering their password on the Cybernews site.

If your password has been stolen, it must be changed immediately on all accounts logging in. Experts advise choosing solid and unique combinations, using password managers, and using multi-factor authentication.