Redwood City, CA - Hackers broke into an online database hosted at RockYou.com and illegally accessed the usernames and passwords for more than 30 million users of Facebook, MySpace, Friendster and Orkut. The hacker may also have accessed usernames and passwords for Gmail, Yahoo, and Hotmail accounts as well.
RockYou produces widget applications that are widely distributed on social networking sites such as Facebook and MySpace. In order to work properly, these widgets require the user’s username and password. Most social networks have data security requirements for its widget developers, and it may be possible that RockYou was in violation of these requirements.
The most troubling aspect of this incident is that RockYou apparently stored the information in plain text, rather than following industry standards by encrypting it.
The data breach was first discovered after a database security vendor discovered a major error it had uncovered on a page on RockYou’s website.
The hackers claims to have accessed RockYou’s entire database and has posted samples of data on their website. He appears to be forcing RockYou to admit to certain vulnerabilities in its data security."Don't lie to your customers, or I will publish everything," the hacker wrote as an obvious reprimand to RockYou. http://www.examiner.com/
No comments:
Post a Comment