43M Last.fm Passwords Hacked in 2012 Breach

...

In 2012, Last.fm revealed that it had been hacked. But we're just now learning the severity of the breach—and it's pretty bad.

According to a report from LeakedSource, the four-year-old Last.fm breach affected more than 43 million users.

To be really clear, the stolen data set contains 43,570,999 records, each which includes a username, email address, password, join date, and "some other internal data," reported LeakedSource, which uncovered information about a number of other high-profile breaches as of late.

Last.fm knows about the incident, and in June 2012—three months after the breach occurred—issued this statement:

"We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we're asking all our users to change their passwords immediately."

Up until now, the number of records involved in the breach was unknown.

The UK-based online music service did not immediately respond to PCMag's request for comment.

Passwords were stored using unsalted MD5 hashing, which isn't saying much.

"This algorithm is so insecure it took us two hours to crack and convert over 96 percent of them to visible passwords," LeakedSource said.

Unsurprisingly, the most popular password was "123456," used by more than 250,000 people; "password" came in second, followed by "lastfm." Rounding out the top 10 most popular Last.fm passcodes of the year were the equally bad "123456789" (number four), "qwerty" (five), "abc123" (six), "abcdefg" (seven), "12345" (eight), "1234" (nine), and "music" (10).

For more, see PCMag's review of Last.fm and the slideshow above.

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Get Ready for the Mobile Pay Explosion

    Who is leading the mobile payment race?After Apple Pay, Android Pay, Samsung Pay and others jumped in to compete with PayPal, there was an expectation that mobile pay would transform the way consumers think about and relate to money.
  • 5300c769af79e

    Verizon Moves Ahead With 5G Specs

    It tells the company's partners—everyone from smartphone makers to the contractors that maintain its network—exactly what they'll have to do to build, maintain, and offer devices that play nice with Verizon's 5G network.To develop the specification, Verizon sought input from a group of partners, including Cisco, Ericsson, Intel, LG, Nokia, Qualcomm, and Samsung.
  • 5300c769af79e

    Verizon's Mission of Self-Destruction

    However, over the last decade or two, every time Verizon workers' contracts have come up for renewal, the process has been longer, uglier and messier.While past strikes quickly faded away, the damage to Verizon's reputation was more serious this time.
  • 5300c769af79e

    Webpass Buy Lets Google Fiber Extend Its Tentacles

    are resisting their duty of providing non-discriminatory access," he wrote.It is building out infrastructure in Charlotte, North Carolina; Huntsville, Alabama; San Francisco; Raleigh-Durham, North Carolina; and San Antonio, Texas.