updated 09:20 pm EDT, Thu June 7, 2012
Millions of passwords exposed, hacked on Russian forum
Music service Last.fm and online dating service eHarmony have both recently announced that they are the victims of attacks by hackers. Both companies have published brief statements about the break-ins, with little detail about previous security precautions or new ones implemented as a result of the leak. The news comes days after the high-profile breach at LinkedIn.
All three companies have locked down leaked accounts and sent emails to the users affected by the breach with instructions on how to change their passwords. According to Internet security consultants Sophos, 6.5 million passwords from LinkedIn alone were revealed, and at least 60 percent of those passwords were cracked less than three days after public distribution.
If a user has been practicing good security techniques, with a unique password for each online account that mixes upper- and lower-case letters, numbers and symbols as the site's login mechanism allows, then there is little danger to the user once the password is changed on the breached service. The worst-case scenario is a leaked dictionary-word password that is used across several services, or used in financial transactions for e-commerce or banking.