Browse archive

Latest news

Fighting cybercrime is on the right track

Google set to upgrade its SSL certs

IT security pros have trouble communicating with executives

Zeus variants are back with a vengeance

Facebook phishers target Fan Pages owners

Killer apps: The performance of networked applications

Is it time to professionalize information security?

Google researcher reveals another Windows 0-day

Twitter finally offers 2-factor authentication

DHS employees' info possibly compromised due to system flaw

Teens are into online sharing, but are also more privacy-aware

The dangers of downloading software from unofficial sites

Microsoft decrypts Skype comms to detect malicious links

Review: Logging and Log Management

Hacking charge stations for electric cars

eHarmony confirms leak of their users' passwords

Posted on 07 June 2012.

News that an unknown individual leaked what appeared to be a batch of 6.5 million LinkedIn passwords on a Russian forum and asked for help in decrypting them spread like fire yesterday, and the users of the popular professional social network have been urged to change their passwords.

But alongside that batch another collection of passwords - containing 1.5 million unsalted MD5 hashes - was also leaked. The analysis of the already cracked passwords that were included pointed to the popular dating site eHarmony.

The speculation was confirmed later that day by Becky Teraoka, the Public Relations Manager at eHarmony, who wrote that "a small fraction" of their user base has been affected.

They reset the passwords for those members and have provided some tips on how to choose a good one.

But apart from offering very generic assurances about the site using "robust security measures" to protect their users' personal information, no explanations about how the leaked passwords ended up in the hands of the aforementioned malicious individual were given.