Joining the list of websites recently suffering security breaches is social networking site, Formspring. The company has confirmed the breach by posting a message on Tuesday that about 420,000 member accounts were compromised after a hacker released their passwords on a security forum.
According to Formspring’s spokeswoman Dorothy Fisher, it was on Monday that the company found out that about 420,000 encrypted passwords appeared on a security forum. Fisher, not wanting to direct attention to it, refuses to reveal the identity of the forum. It seems that someone managed to hack into one of their development servers and extracted account information from the database.
While the encrypted passwords are not immediately useable until someone tech-savvy enough can decode it, Formspring has decided not to take chances and “play it safe”. The company has disabled all passwords and asked users to reset their own member account passwords.
The social networking site is still investigating what happened. Founder Ade Olonoh ensures users that they are taking the matter “very seriously”, fixing the site’s vulnerability and upgrading its encryption as well as reviewing internal security policies to “ensure that this never happens again”.
Other sites that recently experienced similar security breaches include LinkedIn, eHarmony, and Last.fm. And while Formspring takes its position as the latest to be attacked, it may not be the last.