Security Researchers Reassure Users ‘Not To Panic’ As RockYou2024 Security Breach Is Full Of Junk
At the start of this month, we saw claims about a major security breach called RockYou24 that was highlighted as a huge hacking incident involving user passwords.
Some experts spoke about how an entire database featuring 10B user passwords was leaked or stolen from previous attacks. But a new analysis says there’s nothing to worry about and perhaps it was more like a false alarm than anything else.
The database might give off the appearance that it’s a huge goldmine where attackers have stored sensitive credentials of users but in reality, it’s full of more junk than any useful data.
Many of the passwords were confirmed to be useless as per a leading security expert named Ata Hakcil who managed to examine the incident featuring data worth 150GB.
One specific reason might be related to most of the passwords being more than 20 characters long and that’s not usual for any password length seen today. Moreover, more text entries are longer while in other cases, you’ll simply find brand names and words that fail to make an impact.
It’s more or less like the hacker managed to pull out random text terms or phrases from the World Wide Web rather than get access to users’ passwords. And if you use filters to shrink the so-called character lengths of the passwords, you’ll be so amazed at how the figures reduce immensely from nearly 10B to half that figure.
Scattered characters were also very commonly found and these indicated how they were scraped online in the most random manners from password generators, instead of getting exposed in real data breaches featuring customer data. In that manner, most passwords aren’t even being used in the first place.
This made the security expert and researcher show the world the green light in terms of how they’ve got nothing to worry about and that scare was not to be taken seriously at all, adding how no need to panic.
Experts at Specops Software mentioned how they did their own analysis on this front and it was found that there was again nothing to worry about and the conclusion they reached was also similar to that found previously. Neither was it dubbed useful nor was it seen as a threat.
It was simply categorized as a wordlist that couldn’t be used to target victims, some going as far as to add that it’s garbage data.
Many were worried about the breach as it was deemed to be one of the biggest hacking incidents in a long time featuring leaked passwords belonging to billions. But the fact that it comes from such low-quality resources was in itself a major flag, to begin with.
Some of the wordings are in Russian and feature random figures and characters, making zero sense. Hence, to sum it up, these are like an archive of data strings and there’s simply nothing worth a discussion.
Image: DIW-Aigen
Read next: WhatsApp Launches New Favorites Filter For Quick Access To Important Chats
