It’s been quite the day for the Russian h*cker who has reportedly stolen nearly 6.5 million LinkedIn passwords. Now, it looks like the same h*cker has also compromised 1.5 million passwords from popular dating site eHarmony.
eHarmony has confirmed that a “small fraction” of its users’ passwords have been compromised and said it has reset the affected members’ log-in information.
“After investigating reports of compromised passwords, we have found that a small fraction of our user base has been affected,” eHarmony wrote on its blog. “We are continuing to investigate… as a precaution, we have reset affected members passwords.”
Affected members will receive an email with details about how to reset passwords. The company also included a list of password security tips, such as changing passwords every few months and using different passwords for each Internet site.
eHarmony said it will keep its users up to date with information about the incident.
“Please be assured that eHarmony uses robust security measures, including password hashing and data encryption, to protect our members’ personal information,’ the company added. “We also protect our networks with state-of-the-art firewalls, load balancers, SSL and other sophisticated security approaches.”
According to Ars Technica, the h*cker also posted the list of compromised eHarmony accounts online. News first surfaced about the LinkedIn security breach on Wednesday after the same h*cker, who uses the name “dwdm” said he stole 6,458,020 encrypted LinkedIn passwords and posted them online (without usernames) to prove his feat.
LinkedIn has since issued an apology “for the inconvenience this has caused our members.”
The breach also comes on the heels of news that LinkedIn’s iOS app potentially violates user privacy by sending detailed calendar entries to its servers.source!