The military dating website MilitarySingles.com recently suffered a large-scale data breach
that exposed the personal information for more than 170,000 of its members.
The attack exposed the sites' cache of usernames, email addresses, passwords and even IP addresses, which were then posted on the file sharing site PasteBin by a group calling itself "LulzSec Reborn," according to analysis of the March breach by the security firm Imperva
. Many of the passwords exposed were extremely common and easy to guess, including "password," "123456," and "iloveyou."
The passwords were encrypted, though weakly, with the well-known MD5 hash, the report said. In all, it likely took the hackers less than nine hours to decode the tens of thousands of passwords. For this reason, Imperva notes the importance for companies to do far more to encrypt user passwords properly so that they cannot cracked so easily.Ondrej Krehel
, the chief information security officer for Identity Theft
911, writes a blog about the ways hackers can cause data breaches
, and the identity theft concerns that can spring up as a result of these incidents.
© 2003-2012 IDentity Theft 911, LLC. All Rights Reserved