Nearly 10 billion passwords worldwide were found to have been leaked to hacker forum sites via a new cyberattack script called RockYou2024.

Cybernews' research team reportedly found a staggering 9,948,575,739 unique passwords stored in plaintext by forum user ObamaCare. The leak was posted on the 4th of July, Independence Day.

The password leaks are believed to be an update on the RockYou2021 data leak, which compiled over 8 billion passwords from various data breaches since 2009.

This means that hackers were able to access an additional 1.5 billion passwords, or 15%, since 2021.

The compilation uploader ObamaCare itself has contributed to the leaks after posting employee passwords from law firm Simmons & Simmons, online casino AskGamblers, and Burlington County's Rowan College student applications.

RockYou2024 Could Intensify Data Breaches

Cybernews researchers have already issued a public warning about how the RockYou2024 password compilation could intensify further data breaches as hackers use the compromised accounts to power their cybercrime operations.

According to the report, hackers can impersonate affected accounts to target bigger corporations and services thanks to the illegal access provided by the leak.

Cybercrime groups can also employ the accounts to power scam operations to appear more legitimate to unsuspecting victims.

At least billions of accounts, or millions of people, are estimated to be affected by this increased risk of cyberattack.

How to Defend Against Password Leaks?

With the increase of cyberattack operations targeting people's passwords, it is recommended to switch to password-less security systems for added protection.

This means leveraging biometric recording tools and other non-verbal security alternatives to prevent hackers from easily accessing people's verifications.

A survey from February even showed how over 78% of tech companies have declared intentions to transition towards password-less systems to combat growing threats of cyberattacks and data breaches.