Unauthorized Access Gains Control of Last.fm and eHarmony User Passwords
In a series of alarming developments, several popular online platforms have warned their users about potential password leaks.
The professional social network LinkedIn has been at the centre of concerns, as it emerged that up to 6.5 million passwords from the network were previously leaked on a hacking web forum. This was followed by a new wave of phishing messages sent to LinkedIn users, asking for password updates. However, these messages lead to a counterfeit drugs website, highlighting the malicious intent behind the attacks.
In response to these incidents, LinkedIn is reportedly collaborating with the FBI to investigate the data breach.
Meanwhile, the music community platform Last.fm has also advised all its users to change their passwords immediately as a precautionary measure. The company is currently investigating the leak of some user passwords, although the exact details of the breach have not been disclosed.
The dating site eHarmony has also been affected, with a small fraction of their user base reportedly compromised. Despite eHarmony's use of password hashing, data encryption, state-of-the-art firewalls, load balancers, SSL, and other sophisticated security approaches to protect user data, the compromise of passwords was the result of investigating reports of the issue.
In a related incident, the app 'Stay Informed,' used by over 11,000 educational institutions, issued a warning yesterday that passwords of 842,280 users may have been stolen by hackers. The stolen passwords were reportedly posted on a Russian hacking web forum.
Given these developments, it is strongly advised for users to change their passwords for all three sites (eHarmony, Last.fm, LinkedIn) and for any other site where they use the same password. This is to ensure the security of personal information and to prevent further potential misuse of stolen passwords.
As always, vigilance and caution are key in maintaining online security. Users are encouraged to use strong, unique passwords for each account and to enable two-factor authentication where possible.
