After this week's LinkedIn fiasco, it appears the latest tech giant to fall to bored hackers is Last.fm. Music-streaming website Last.fm is the latest organisation to urge its users to change their passwords immediately.
The London-based site, owned by CBS, said in an advisory that it was currently investigating a possible leak of passwords but did not provide any further details.
The dating site said it is "continuing to investigate" but "as a precaution" has reset affected members passwords.Affected members will receive an email with instructions on how to reset their passwords.eHarmoney, which brands itself as "#1 Trusted Online Dating Site for Singles" has around 20 million registered online users.
The breach was confirmed by Last.fm on their official Twitter account overnight, and comes amidst a backdrop of similar breaches, including at LinkedIn where up to 8 million passwords may have been compromised, and at dating site eHarmony where 1.5 million passwords were harvested.
Here are some tips to keep your passwords safe:
- If you get an email from any services asking your to update your information, DO NOT CLICK on the link the in the email. Odds are pretty high it's spoofed.
- Do not use the same password for everything. I have one password for throwaway accounts, one for sites that don't have much information on me, one for those that have a bit of info, and unique passwords for each account that has a high level of information, like my bank account.
- Do not use "password," "12345," or any other easily guessable words. If you have to use one word so you can remember it, choose a word that does not mean anything to anyone except you. Try misspelling it and adding numbers. For example, I have passwords that are from other languages but spelled incorrectly (as well as a few other memes).
- If you're feeling advanced, you can try this trick: Think of the first line of a song you like, take the first letter of each word in that line, then put them together. Swap out some of the letters for numbers if you can and maybe add a symbol or two.
- DO it now. I know it's a pain, but better safe then sorry. And again DO NOT CLICK on anything from an email. Only go to the site directly in a new tab or window.
- To make your life easier in the future, keep a list of every site you create a login for. That way, when it's time to do a clean sweep, you know exactly where to go.