Last.fm Becomes Latest Password Breach Victim

Music streaming site Last.fm is warning users about a password breach, in a week which has seen a spate of similar attacks.

Social network LinkedIn and dating site eHarmony have both been hit, as hashed password lists were posted on hacker forums.

“We are currently investigating the leak of some Last.fm user passwords,” Last.fm said in a post on its site. “This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately.

“We’re sorry for the inconvenience around changing your password; Last.fm takes your privacy very seriously.”

There may be a connection between the three breaches this week and there could be a common vulnerability being exploited by the hackers, believed to be Russian cyber criminals.

LinkedIn updates

LinkedIn has continued to issue updates for its users, following the publication of approximately 6.5 million hashed user passwords on a hacker forum earlier this week. The company is now working with the FBI on the situation.

It also sought to allay its members’ fears, claiming there had been no reports of unauthorised access to people’s accounts as a result of the event.

“Going forward, as a precautionary measure, we are disabling the passwords of any other members that we believe could potentially be affected. Those members are also being contacted by LinkedIn with instructions on how to reset their passwords,” a blog post from LinekdIn director Vicente Silveira read.

“We are also actively working with law enforcement, which is investigating this matter.”

Silveira said users should be wary of potential phishing attacks and spam emails asking for personal or sensitive information.

Users of all affected sites have been advised to change their passwords and ensure they are strong, with letters, numbers and other characters.

Are you a security guru? Try our quiz!