A massive security breach, RockYou2024, has leaked nearly 10 billion unique passwords from decades of data breaches, potentially allowing future attacks. The database, “rockyou2024.txt,” contains 1.5 billion new passwords, surpassing the previous record set in 2021.

Kaspersky’s experts have issued practical guidance to help users protect themselves in the aftermath of the data compromise.

Check the breach impact

Users should immediately check if a data breach has affected their data, and modern security solutions like Kaspersky Premium can detect leaked data and provide alerts for improvement.

As well as internal services, these picture sources could help detect whether personal data has been leaked or not.

Change your passwords as soon as possible

To prevent data breaches, change your passwords immediately and consider all sites with the same password. New passwords should be unique, at least 8 characters long, and include letters, numbers, and symbols.

To check whether a combination is strong enough, a password checker can be employed.

Block and reissue your bank card, if necessary

To ensure security and prevent inconvenience, it is recommended to block and reissue a bank card if payment data was compromised by a compromised service.

Install a reliable password manager

A tool like this creates strong passwords and stores them securely in an encrypted vault. It also monitors data leaks and checks if users’ passwords were compromised.

Don’t forget about two-factor authentication

A recent survey by Kaspersky revealed how easily compromised accounts can be without 2FA and strong passwords. Setting up 2FA is recommended to safeguard an account from unauthorized access, facilitated by confirmation via SMS, email, or an authentication app or password manager.

Securely close unused accounts

To prevent data leaks, delete an account and request data removal from the service by contacting technical support or the Privacy Policy address. This step, often outlined in legitimate services’ “Your Rights” section, can reveal the extent of data exposure.

Share only the essential minimum of personal information online

To prevent service leaks, it’s advisable to reduce information provided, opt for auto-substitution when registering, and omit personal information if not necessary.