Data leak
RockYou Plaintext Password Storage Breach (32M Passwords)
Incident Details
RockYou was a social media widget company (maker of popular Facebook/MySpace apps) that stored all 32 million user passwords in plaintext, with no hashing whatsoever. A SQL injection exploit allowed a hacker to dump the entire database in December 2009, and the attacker then posted the full 32-million plaintext password list publicly. While RockYou is largely forgotten as a company, its breach became one of the most lasting contributions to cybersecurity: the 'rockyou.txt' password wordlist derived from this breach is included by default in Kali Linux and is the most commonly used wordlist for password cracking in penetration testing and security research. The list revealed the most common passwords in use (123456, password, etc.) and has been used in billions of password attacks since. The breach is a canonical example of the absolute requirement to hash passwords rather than store them, and the rockyou.txt wordlist remains in active use over 15 years later.
Technical Details
- Initial Attack Vector: a SQL injection exploit against RockYou's web application allowed the attacker to dump the entire user database, which stored 32 million passwords in plaintext with no hashing
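The contrast the incident illustrates, as an added example that is not part of the original record: a plaintext row like RockYou's yields the password verbatim to anyone who dumps the table, while a salted scrypt record yields only salt and digest. The two-entry denylist is a constructed stand-in for rockyou.txt using the common passwords the page names.

```python
import hashlib
import hmac
import os

# Constructed denylist: a tiny excerpt of the common passwords named above,
# standing in for a real breach wordlist such as rockyou.txt.
COMMON_PASSWORDS = {"123456", "password"}


def store_plaintext(username, password):
    """The RockYou model: the row a SQL injection dump reveals verbatim."""
    return {"user": username, "password": password}


def store_hashed(username, password, n=2**14, r=8, p=1):
    """Salted, memory-hard hash via hashlib.scrypt; a dump yields only salt and digest."""
    if password in COMMON_PASSWORDS:
        raise ValueError("password appears on a public breach wordlist")
    salt = os.urandom(16)  # per-user salt so equal passwords hash differently
    digest = hashlib.scrypt(password.encode(), salt=salt, n=n, r=r, p=p, dklen=32)
    return {"user": username, "salt": salt.hex(), "hash": digest.hex(),
            "params": (n, r, p)}


def verify(record, password):
    """Recompute with the stored salt and parameters; constant-time compare."""
    n, r, p = record["params"]
    digest = hashlib.scrypt(password.encode(), salt=bytes.fromhex(record["salt"]),
                            n=n, r=r, p=p, dklen=32)
    return hmac.compare_digest(digest.hex(), record["hash"])


def dump_exposes_password(record, password):
    """What a dumped row hands an attacker: is the password sitting in it?"""
    return password in record.values()


if __name__ == "__main__":
    pw = "correct horse battery staple"
    print(dump_exposes_password(store_plaintext("alice", pw), pw))  # True
    rec = store_hashed("alice", pw)
    print(dump_exposes_password(rec, pw), verify(rec, pw))          # False True
```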
Timeline
- 2009-11-01 Breach occurred
- 2009-12-14 Publicly disclosed
- 2009-12-14 Customers notified