Nearly 10B passwords leaked. Here’s how to protect yourself
- File named RockYou2024 posted with 9.9B unique plaintext passwords
- Researchers: Passwords came from old and new breaches, spanning 20 years
- Analysts: Immediately change passwords for accounts linked to the leak
(NewsNation) — The largest collection of stolen passwords ever has been leaked to a popular hacking site, according to cybersecurity researchers at Cybernews.
Researchers discovered the file named RockYou2024 posted by user “ObamaCare” on July 4 with 9,948,575,739 unique plaintext passwords.
“The Cybernews team believes that attackers can utilize the ten-billion-strong RockYou2024 compilation to target any system that isn’t protected against brute-force attacks. This includes everything from online and offline services to internet-facing cameras and industrial hardware,” researchers said in a news release.
What should you do to protect yourself?
Cybernews said it will add data from RockYou2024 to its Leaked Password Checker, allowing consumers to check if their credentials were exposed in this latest leak.
While there is no single solution to protect consumers with exposed passwords, Cybernews advises consumers to:
- Reset passwords immediately for all accounts associated with leaked passwords and choose strong, unique passwords that are not reused across multiple platforms.
- Enable multi-factor authentication wherever possible to enhance security by requiring additional verification beyond a password.
- Use password manager software to securely generate and store complex passwords, mitigating the risk of password reuse across different accounts.
What is RockYou2024?
Cybernews said the passwords in the file uploaded by ObamaCare are not new. By cross-referencing the RockYou2024 leak with data from the Leaked Password Checker, researchers found that these passwords came from a “mix of old and new data breaches,” likely collected from over 4,000 databases over the past 20 years.
Credential stuffing, where hackers take information from one data leak and use it to attempt to log in to other websites, poses significant threats to businesses and consumers. Recent hacks targeting sites like Ticketmaster and Advance Auto Parts resulted from such attacks, according to Cybernews.
Three years ago, the RockYou2021 compilation, containing 8.4 billion passwords, was the largest password leak at the time. Cybernews' analysis of the RockYou2024 file revealed that it included 10 billion passwords, with 1.5 billion being new passwords leaked from 2021 through 2024.