eHarmony confirms leak of their users' passwords
Posted on 07 June 2012.
News that an unknown individual leaked what appeared to be a batch of 6.5 million LinkedIn passwords on a Russian forum and asked for help in decrypting them spread like fire yesterday, and the users of the popular professional social network have been urged to change their passwords.

But alongside that batch another collection of passwords - containing 1.5 million unsalted MD5 hashes - was also leaked. The analysis of the already cracked passwords that were included pointed to the popular dating site eHarmony.

The speculation was confirmed later that day by Becky Teraoka, the Public Relations Manager at eHarmony, who wrote that "a small fraction" of their user base has been affected.

They reset the passwords for those members and have provided some tips on how to choose a good one.

But apart from offering very generic assurances about the site using "robust security measures" to protect their users' personal information, no explanations about how the leaked passwords ended up in the hands of the aforementioned malicious individual were given.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th