Jump to content


- - - - -

Last.fm password leak - update your passwords.


#1 shrike4242   Not My Job Anymore, Go Bother Someone Else. CAGiversary!   41556 Posts   Joined 10.7 Years Ago  

Posted 07 June 2012 - 08:14 PM

Since I know a number of CAGs use last.fm, they appear to have been hacked with some passwords getting out via a leak:

http://www.last.fm/passwordsecurity

Password change link, if you can't access your last.fm account:

https://www.last.fm/...gs/lostpassword

#2 kodave   Huh. CAGiversary!   4339 Posts   Joined 5.7 Years Ago  

Posted 07 June 2012 - 08:26 PM

Son of a bitch.

Any word on if the passwords were at least encrypted?


#3 Demolition Man   REV-OH-LU-TION! CAGiversary!   14820 Posts   Joined 10.7 Years Ago  

Demolition Man

Posted 07 June 2012 - 08:35 PM

Thanks for posting shrike. I normally change my passwords around every three months so this is a good reminder for me to change them around.

New sig coming soon.


#4 shrike4242   Not My Job Anymore, Go Bother Someone Else. CAGiversary!   41556 Posts   Joined 10.7 Years Ago  

Posted 07 June 2012 - 08:40 PM

Son of a bitch.

Any word on if the passwords were at least encrypted?

Not sure.

This was the source article that I ran across it:

http://arstechnica.c...heir-passwords/

#5 speedracer   Banned Banned   3735 Posts   Joined 11.3 Years Ago  

speedracer

Posted 07 June 2012 - 09:03 PM

Time to man up and Lastpass/Keepass/etc. folks. This ain't the good old days. You need to have a different password for every single site to prevent hacks across your digital identity.

Someone out there has Last.fm, LinkedIn, and eHarmony and has the same 3 passwords out there in hash form. That ish won't take long to figure out and it'll make figuring out the salt a little easier too.
Posted Image

#6 eLefAdEr   All Systems Go CAGiversary!   1383 Posts   Joined 5.0 Years Ago  

Posted 07 June 2012 - 09:08 PM

Time to man up and Lastpass/Keepass/etc. folks. This ain't the good old days. You need to have a different password for every single site to prevent hacks across your digital identity.

Someone out there has Last.fm, LinkedIn, and eHarmony and has the same 3 passwords out there in hash form. That ish won't take long to figure out and it'll make figuring out the salt a little easier too.


I keep an encrypted spreadsheet with all of my passwords and I rotate them every quarter. It's a bit of a pain to do, but I'm the worrier-type so I sleep a little better knowing my passwords are mostly useless in the wrong hands.

According to LinkedIn, my password wasn't compromised. If anyone here did get theirs taken, did LinkedIn send you a form email regarding this breach?

edit: I'm now looking into these password manager sites (Lastpass, Keepass, etc). Thanks for the mention, speedracer.

#7 VipFREAK   Fun Knee! CAGiversary!   9411 Posts   Joined 8.1 Years Ago  

Posted 07 June 2012 - 09:09 PM

Can whoever is doing this shit cut it the Fuck out... I haven't used this shit in eons and can't remember my damn passwords... :\

My Summer Motto: "When Nature turns off the damn heat I'll turn off my A/C"


Trade List

#8 zewone   Thursday CAGiversary!   43152 Posts   Joined 10.9 Years Ago  

Posted 07 June 2012 - 09:32 PM

Thanks, Shrike.

#9 Survivalism   CAG's Lance Boyle CAGiversary!   3125 Posts   Joined 7.0 Years Ago  

Survivalism

Posted 11 June 2012 - 03:22 PM

Yeah it's bullshit, someone listened to a bunch of Dashboard Confessional on mine.

#10 DurbanBrown   to the MOON CAGiversary!   1490 Posts   Joined 5.0 Years Ago  

DurbanBrown

Posted 11 June 2012 - 05:38 PM

yeah it's bullshit, someone listened to a bunch of dashboard confessional on mine.


for real? Wtf. Im changing mine asap

Zombies-Sig.jpg

last.fm: shroomer1999                                                                  Designed By Lilchiji


#11 KaneRobot   The Profit$ of Doom CAGiversary!   9559 Posts   Joined 11.3 Years Ago  

Posted 12 June 2012 - 05:16 AM

Yeah it's bullshit, someone listened to a bunch of Dashboard Confessional on mine.


That's the worst thing I've ever heard. Sorry man.

Also, THIS IS FUCKING ANNOYING. Just waiting for the day when Amazon or Facebook finally gets compromised.
Posted Image

#12 kodave   Huh. CAGiversary!   4339 Posts   Joined 5.7 Years Ago  

Posted 12 June 2012 - 06:25 AM

Apparently this might be an old hash and the hash might have already been cracked years ago that was ignored by Last.fm, according to some things I read online - but who can really confirm or deny these things? According to what I read, the cracking of the hash list was crowd sourced, but whoever stole the list in the first place now likely has the complete list of logins and cracked passwords to distribute or use as they see fit.


#13 Panda Wizardry   CAGiversary! CAGiversary!   2567 Posts   Joined 11.6 Years Ago  

Panda Wizardry

Posted 12 June 2012 - 02:53 PM

This is so incredibly lame. Just went ahead and deleted my last.fm account.

Please check out my channel: Alan Bytes Back!

MyAnimeList