Turn off the Ad Banner  

To print: Select File and then Print from your browser's menu.

    -----------------------------------------------
This story was printed from CdrInfo.com,
located at http://www.cdrinfo.com.
-----------------------------------------------

Appeared on: Wednesday, July 11, 2012
Social site Formspring Hacked

Social networking site Formspring said Tuesday that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web.

Formspring was notified that approximately 420k password hashes were posted to a security forum, with suspicion from a user that they could be Formspring passwords. The post did not contain usernames or any other identifying information.

Once the company verified that the hashes were obtained from Formspring, it locked down its systems and began an investigation to determine the nature of the breach. Formspring found that someone had broken into one of its development servers and was able to use that access to extract account information from a production database.

Formspring was to fix the hole and upgraded its hashing mechanisms from sha-256 with random salts to bcrypt to fortify security.

"We take this matter very seriously and continue to review our internal security policies and practices to help ensure that this never happens again," Formspring said in a blog post.

Formspring is sending email asking its users to reset their passwords.


Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .