eHarmony daters' passwords leaked

7 Jun 2012, 6:03 pm   -   Source: AAP/SBS
Share This
+ Comment
0
Users of the social networking website LinkedIn were told to reset their passwords after security information was stolen. (File AAP)

Users of the social networking website LinkedIn were told to reset their passwords after security information was stolen. (File AAP)

Popular dating website eHarmony and professional network LinkedIn have gone into damage control after millions of users' passwords were leaked.

RELATED

The passwords of an undisclosed number of users of popular dating website eHarmony have been posted publicly on the Internet, sending the company into damage control.

"After investigating reports of compromised passwords, we have found that a small fraction of our user base has been affected," the company said on its blog.

Affected members' passwords had been reset, and they would be notified by email, the blog said.

"We are continuing to investigate but would like to provide the following actions we are taking to protect our members," it added.

LINKEDIN USERS AFFECTED

Millions of users of the social networking website LinkedIn were told to reset their passwords after security information was stolen.

The site, which is aimed at professionals and has in excess of 161 million members in more than 200 countries, was compromised and members' details were posted online.

LinkedIn director Vicente Silveira said in a statement: "We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts."

He said the company was investigating the security breach and added that those who were affected will notice their LinkedIn passwords will no longer be valid.

It is thought the passwords of more than 6.5 million people were stolen.

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," Silveira said.

"These members will also receive an email from LinkedIn with instructions on how to reset their passwords."

Users were told they should never change their passwords by following an link sent on an email.

"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords," Silveira added.

IT security and data protection firm Sophos said the leaked encrypted data does not include associated email addresses but warned that hackers will be working to crack the "unsalted" password hashes and "it is reasonable to assume that such information may be in the hands of the criminals".

"It would seem sensible to suggest to all LinkedIn users that they change their passwords as soon as possible as a precautionary step," Graham Cluley, senior technology consultant at Sophos, said.

"Of course, make sure that the password you use is unique - in other words, not used on any other websites - and that it is hard to crack.

"If you were using the same passwords on other websites, make sure to change them too. And never again use the same password on multiple websites."

Silveira said LinkedIn had recently improved its security, which included the "hashing and salting" of current password databases.

  • Follow us: 
  • Follow us on Facebook
  • Follow us on Twitter
  • Follow us on Youtube

Join the Discussion

Name
City / Suburb E.g. Artarmon, Sydney
Title
Comment
You have characters remaining.
Validation
What's this?
This is a captcha-picture. It is used to prevent mass-access by robots.
All submitted comments become the property of SBS. They are moderated, so we reserve the right to edit comments and remove HTML tags. Not all submitted comments will be published. Publication does not mean we endorse the opinions expressed. Please read our terms and conditions for more information.