Last.fm, online music site with free music streaming, photos, lyrics, videos, concerts and many more. Last.fm homepage does not shows any information regarding this hack.
According to LeakedSource, “Music service Last.fm was hacked on March 22nd, 2012 for a total of 43,570,999 users. This data set was provided to us by [email protected] and Last.fm already knows about the breach but the data is just becoming public now like all the others.”
LeakedSource was able to confirm that email address, usernames, passwords, newsletter sign-ups, join-date and ad-related data, were stolen in the breach.
“Each record contains a username, email address, password, join date and some other internal data. We verified the legitimacy of this dataset with Softpedia reporter Catalin C who was in the breach himself along with his colleagues.”
The stolen passwords from Last.fm were stored using unsalted MD5 hashing (hashing is a method for encrypting data for better security). LeakedSource reported that, it took only two hours for them to crack and convert over 96% of them to visible passwords.