News

Technology

Last.fm has become the latest service to have data from a historic breach become public online, according to reports. 43.5 million users’ details were stolen from the music site in March 2012, but breach-tracking service LeakedSource has now obtained a copy of the database.

According to the site, each record includes a username, email address, password, join date and some other data used internally by Last.fm.

The passwords were stored using unsalted MD5 hashing, allowing LeakedSource’s experts to convert more than 96 per cent of them to visible passwords in two hours.

“123456”, “password” and “lastfm” were the most popular passwords, reflecting the poor level of user security shown in other recent breaches.

“Music service Last.fm was hacked on March 22nd, 2012 for a total of 43,570,999 users,” LeakedSource said in a blog post analysing the data.

“This data set was provided to us by daykalif@xmpp.jp and Last.fm already knows about the breach but the data is just becoming public now like all the others.”

Last.fm joins major online services including LinkedIn and Myspace in having data from previous breaches emerge online.

Last week, 68 million Dropbox users were put at risk after a database from a previously-disclosed 2012 data breach was uncovered by researchers.

A batch of Twitter usernames and passwords were also discovered by LeakedSource, although it is believed the users were hacked, rather than Twitter itself.

It said it has “so many databases waiting to be added that if we were to add one per day it would take multiple years to finish them all”.

The breach-tracking website added it was “processing multiple more mega breaches”.

As always, users caught up in data breaches are advised to change their passwords both on the breached site and on any services where they used the same credentials.

You may also like...

Keep Up To Date - Subscribe To Our Email Newsletter Today

Get the latest industry news direct to your inbox on all your devices.

We may use your information to send you details about goods and services which we feel may be of interest to you. We will process your data in accordance with our Privacy Policy as displayed on our parent website https://ebm.media