RockYou security lapse exposes 32 million passwords

Darren Allan

December 16, 2009

RockYou, a developer of apps for social networking sites, has been subject to a security breach which has exposed millions of passwords.

32 million of them to be precise, which hackers gained access to via an SQL injection attack (sounds painful).

Unfortunately the user details were all kept in plain text, so really this is a double security cock-up.

Anyone who has used RockYou’s widgets is being advised to change their social networking site passwords as a precautionary measure.

Security experts are also advising folks to change their webmail passwords as well, as the hacked details contained email addresses.

So if your email password is the same as your social networking one – and many people duplicate their passwords unwisely – then hackers could gain access to your email account.

RockYou issued a statement to TechCrunch, indicating that it has “secured the site and is in the process of informing all registered users that the hack took place”.


Post a comment

Your email address will not be published. Required fields are marked *

Visited 1846 times, 1 so far today