Important Message

RockYou2021 Leak: Time to Change Your Passwords

The RockYou2021 password leak is reported to be the biggest password leak to date and could potentially affect everyone who uses the internet. Now is the time to update your passwords.

The RockYou2021 leak reported by CyberNews earlier this month refers to the name of the file containing 8.4 billion password entries that is presumed to be compiled from information stolen in earlier data breaches and leaks. This massive file was leaked online by a user in a hacker forum.

Likelihood of Impact

The CyberNews leaked password checker or personal data leak checker may help you find out if your password or other sensitive data has been compromised. Other online resources also offer this service. Considering the internet only has approximately 4.7 billion users, and the number of passwords in the leaked compilation is almost twice that, there's a strong chance you could be impacted. We recommend you change your passwords now.

Caution Against Reusing Passwords

Criminals can combine the leaked passwords with other stolen data like usernames and email addresses to attempt access to numerous online accounts through widespread staged attacks. They know that many people reuse the same password across websites and applications, which multiplies the number of times they could successfully access an online account. Everyone who uses the internet is vulnerable because of this leak, but those who are using the same password more than once face an even greater risk. 

Securing your sensitive personal information is an important part of protecting your financial well-being. We strongly encourage you to take the time to change your online account passwords using our list of secrets to a great password.

Your Passwords May Have Been Compromised

  • Change passwords for all of your online accounts. It's a good practice to update them frequently, even when there's not a massive event like RockYou2021.
  • Add a code word to help prevent account takeover in person, over the phone and even online. A code word prevents someone from resetting your password if they have your username and an old password.
  • Use multi-factor authentication (codes sent via text or email) for all of your online accounts when possible. Don't share one-time security codes with anyone.
  • Beware of spam email and unsolicited texts and email phishing attempts you may receive. Don't click any links in suspicious messages (even if they look legitimate).
  • Refer to our ID theft checklist for the steps to take if your identification is stolen.