The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

Publicly reported U.S. data compromises tracked by the Identity Theft Resource Center since 2005.

View Data Breach Notification Reports, which include how many breaches are reported each year and the number of affected residents.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Image

https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F1842206%2Ff29f742e3d48f66bf0eccf60abf631d1%2Frockyo2.png?generation=1720539563047126&alt=media" alt="">

Kaggle Previous Version of RockYou.txt

https://www.googleapis.com/download/storage/v1/b/kaggle-forum-message-attachments/o/inbox%2F1842206%2F0e4b20e3662c065318f7feefb42ef785%2Foriginal.png?generation=1720578063663708&alt=media" alt="">

The original RockYou.txt dataset was uploaded by @wjburns 5 years ago, with 95K downloads and 640 upvotes, which means Kaggle allows this type of data for research and educational purposes.

Files

I separated the single 160GB txt file into smaller files with filenames based on first character to make it easier to utilize for those with less powerful machines.

• letters (A-Z)
• digits (0-9)
• dollarsymbol ($)
• symbols (other symbols)
• others (those that cant be categorized by any of those above)

Note

• The original 160GB file was written with an encoding of utf8, I used the same encoding for the files above.
• The contents of the files above are UNSORTED
• The contents are NOT DEDUPLICATED

History

• https://en.wikipedia.org/wiki/RockYou

Everyone involved with Capture The Flag (CTF) has used the infamous rockyou.txt wordlist at least once, mainly to perform password cracking activities. The file is a list of 14 million unique passwords originating from the 2009 RockYou hack making a piece of computer security history. The “rockyou lineage” has evolved over the years.

https://www.youtube.com/watch?v=0_mQACSn6XM" alt="">

RockYou2024.txt

With the 2021 version we touched high numbers but with the newest release is the (apparently) ultimate amalgamation. RockYou2024 has been released by the user “ObamaCare” . This new version added 1.5 billion of records to the 2021 version reaching the 10 billions records. A wordlist can potentially be used for a multitude of tasks and having this number of records in a single file, especially in 2024 with increasingly aggressive data breaches, is a dream come true for attackers. The user have not specified the nature of the additional records but punctualize the new data comes from recent leaked databases.

From The New RockYou2024 Collection has been published!

Source

I got it from https://github.com/hkphh/rockyou2024.txt, but it was originally shared by a certain aka ObamaCare which I don't have any affiliation nor association with.

Original TxtFile

In case you'd like to process the RockYou2024.txt yourself, you can find it here ❗Original RockYou2024.txt zip file

Strong Passwords Only

In case you'd like to see only the "Strong Passwords", you can find it here ❗180 Million "Strong Passwords" in RockYou2024.txt

Cover Image

Generated with Bing Image Generator