On the origin of the infamous 'rockyou.txt' wordlist...
Holy crap, it never appeared to me that this was the actual origin of the infamous
rockyou.txt wordlist used in many a password cracking applications:
Back in 2009, a company named RockYou was hacked. This wouldn't have been too much of a problem if they hadn't stored all of their passwords unencrypted, in plain text for an attacker to see. They downloaded a list of all the passwords and made it publicly available.
The Wikipedia entry for a web company called 'RockYou' also seems to sort of confirm this. And so it began... probably later aided by countless database breaches from reckless companies to form the 14-million+ gargantua we have today.
Lessons learned? A teeny-tiny password can go a long way to become a huge liability itself. If not for your website, for everyone else's!