Are you a professionally-savvy gamer looking for a date?
Well, turn down the internet radio and listen up because your passwords are
probably compromised.
Over the last few weeks, we’ve seen an unprecedented number
passwords leaked. Here’s a rundown of what’s been happening, site by site.
LinkedIn
Over 6 million hashed passwords were published last week on
a Russian forum site. Many experts are speculating that the list may actually
be substantially larger and that many simple passwords that were quickly
cracked have been left off. Despite many members reporting that they had
identified their own password on the list, the company really took their time
in confirming the authenticity of the list.
First, it’s important to know that compromised passwords
were not published with corresponding email logins. At the time they were
initially published, the vast majority of those passwords remained hashed, i.e.
encoded, but unfortunately a subset of the passwords was decoded. Again, we are
not aware of any member information being published at any time in connection
with the list of stolen passwords. The only information published was the
passwords themselves.
League of Legends
Riot Games, publisher of the popular real-time-strategy game
League of Legends, announced Saturday that player information and hashed
passwords in two of their three servers (EU West and EU Nordic & East) had
been accessed by hackers.
The company’s blog
reports that the stolen information included hashed passwords, players’ first
and last names, home addresses, security questions and answers, and email
addresses.
Last.fm
The popular internet radio site had about 1.5 million hashed
passwords leaked to a password cracking forum last week. But here’s the best
part – while the hacked list was only published last week, a story is
developing that the actual security breach happened months ago.
In May, Last.fm users took to the company’s forums,
reporting that they were receiving unprecedented levels of spam. In response, the company ran a security audit
and said that no breach was detected.
However, reddit user mingaminga is now claiming that the password list is 17 million strong and was privately discussed at hacker
convention DEFCON 2011 which took place in August of last year.
Last.fm says they have not yet identified the security
vulnerability that led to the leak.
eHarmony
Details are murky with the eHarmony password breach, but it looks
like about 1.5 million passwords were leaked online. According to the company’s
blog,
all members using one of the exposed passwords will be prompted to change it.
eHarmony last updated members on June 7th and
said they do not believe any information other than passwords has been
compromised.
No comments:
Post a Comment