Jump to content



Photo
- - - - -

Last.fm password leak - update your passwords.


  • Please log in to reply
12 replies to this topic

#1 shrike4242

shrike4242

    Not My Job Anymore, Go Bother Someone Else.

  • CAGiversary!

Posted 07 June 2012 - 08:14 PM

Since I know a number of CAGs use last.fm, they appear to have been hacked with some passwords getting out via a leak:

http://www.last.fm/passwordsecurity

Password change link, if you can't access your last.fm account:

https://www.last.fm/...gs/lostpassword

#2 kodave

kodave

    CAGiversary!

  • CAGiversary!

Posted 07 June 2012 - 08:26 PM

Son of a bitch.

Any word on if the passwords were at least encrypted?


#3 Angry Man

Angry Man

    REV-OH-LU-TION!

  • CAGiversary!

Posted 07 June 2012 - 08:35 PM

Thanks for posting shrike. I normally change my passwords around every three months so this is a good reminder for me to change them around.

New sig coming soon.


#4 shrike4242

shrike4242

    Not My Job Anymore, Go Bother Someone Else.

  • CAGiversary!

Posted 07 June 2012 - 08:40 PM

Son of a bitch.

Any word on if the passwords were at least encrypted?

Not sure.

This was the source article that I ran across it:

http://arstechnica.c...heir-passwords/

#5 speedracer

speedracer

    Get off my lawn

  • CAGiversary!

Posted 07 June 2012 - 09:03 PM

Time to man up and Lastpass/Keepass/etc. folks. This ain't the good old days. You need to have a different password for every single site to prevent hacks across your digital identity.

Someone out there has Last.fm, LinkedIn, and eHarmony and has the same 3 passwords out there in hash form. That ish won't take long to figure out and it'll make figuring out the salt a little easier too.
Posted Image

#6 eLefAdEr

eLefAdEr

    All Systems Go

  • CAGiversary!

Posted 07 June 2012 - 09:08 PM

Time to man up and Lastpass/Keepass/etc. folks. This ain't the good old days. You need to have a different password for every single site to prevent hacks across your digital identity.

Someone out there has Last.fm, LinkedIn, and eHarmony and has the same 3 passwords out there in hash form. That ish won't take long to figure out and it'll make figuring out the salt a little easier too.


I keep an encrypted spreadsheet with all of my passwords and I rotate them every quarter. It's a bit of a pain to do, but I'm the worrier-type so I sleep a little better knowing my passwords are mostly useless in the wrong hands.

According to LinkedIn, my password wasn't compromised. If anyone here did get theirs taken, did LinkedIn send you a form email regarding this breach?

edit: I'm now looking into these password manager sites (Lastpass, Keepass, etc). Thanks for the mention, speedracer.

#7 VipFREAK

VipFREAK

    Fun Knee!

  • CAGiversary!

Posted 07 June 2012 - 09:09 PM

Can whoever is doing this shit cut it the Fuck out... I haven't used this shit in eons and can't remember my damn passwords... :\

My Summer Motto: "When Nature turns off the damn heat I'll turn off my A/C"


Trade List

#8 zewone

zewone

    Thursday

  • CAGiversary!

Posted 07 June 2012 - 09:32 PM

Thanks, Shrike.

#9 Survivalism

Survivalism

    CAG's Lance Boyle

  • CAGiversary!

Posted 11 June 2012 - 03:22 PM

Yeah it's bullshit, someone listened to a bunch of Dashboard Confessional on mine.
[URL="http://gamercards.exophase.com/psn/user/theunvisible/"]Posted Image[/URL]

Spoiler

#10 DurbanBrown

DurbanBrown

    to the MOON

  • CAGiversary!

Posted 11 June 2012 - 05:38 PM

yeah it's bullshit, someone listened to a bunch of dashboard confessional on mine.


for real? Wtf. Im changing mine asap

Zombies-Sig.jpg

last.fm: shroomer1999                                                                  Designed By Lilchiji


#11 KaneRobot

KaneRobot

    The Profit$ of Doom

  • CAGiversary!

Posted 12 June 2012 - 05:16 AM

Yeah it's bullshit, someone listened to a bunch of Dashboard Confessional on mine.


That's the worst thing I've ever heard. Sorry man.

Also, THIS IS FUCKING ANNOYING. Just waiting for the day when Amazon or Facebook finally gets compromised.
Posted Image

#12 kodave

kodave

    CAGiversary!

  • CAGiversary!

Posted 12 June 2012 - 06:25 AM

Apparently this might be an old hash and the hash might have already been cracked years ago that was ignored by Last.fm, according to some things I read online - but who can really confirm or deny these things? According to what I read, the cracking of the hash list was crowd sourced, but whoever stole the list in the first place now likely has the complete list of logins and cracked passwords to distribute or use as they see fit.


#13 XxFuRy2Xx

XxFuRy2Xx

    CAGiversary!

  • CAGiversary!

Posted 12 June 2012 - 02:53 PM

This is so incredibly lame. Just went ahead and deleted my last.fm account.