NEWS
NEWS
NEWS
Details of 43m+ accounts obtained in Last.fm hack
Another day, another revelation about a historical hack. Following on from Dropbox, Inc. earlier this week comes details from the hacking of music website Last.fm in 2012.
According to breach notification site LeakedSource, who obtained a copy of the database obtained in the hack, the details of 43,570,999 were obtained by the hacker who breached the service on March 22nd, 2012; at the time of the hack it was not known how many account details had been obtained but it was noted that it was believed that Last.fm has 40 million users at the time.
To make matters worse, while the passwords contained in the database were hashed, they were hashed using MD5, the encryption standard first invented in 1991. We noted, when political site Infowars was hacked, that MD5 is well known to have a “tremendous amount of vulnerabilities,” and has described as being “cryptographically broken,” meaning that LeakedSource took only two hours to crack more than 96 percent of the passwords from the database.
Perhaps unsurprisingly it turned out that many of the passwords were easy to guess anyway, with the most popular passwords including 123456, password, lastfm and 123456789.
Other data in the database included usernames, email addresses, join date, and other internal records including campaign hits, banned users, newsletter details, used invites, web player details, and similar.
Never ending story
The disclosure of details from the historical Last.fm hack can be added to a growing list of recent and historical hacks coming to light, including surprisingly many through LeakedSource, who claim to have even more databases to analyze before publishing the details.
As previously mentioned, details of the 2012 hack of online storage provider Dropbox came to light earlier this week, with others in previous weeks and months including MySpace, Twitter, LinkedIn, and Tumblr among others.
It’s become such a never ending story now that the easier exercise may be to create a list of sites and companies that haven’t been hacked in the last five years.
A full copy of all the stats from the hack are available from LeakedSource here.
Image credit: viirok/Flickr/CC by 2.0
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
