Last.fm hacked, nearly 43 million users of data have been exposed

Last.fm, online music site with free music streaming, photos, lyrics, videos, concerts and many more. Last.fm homepage does not shows any information regarding this hack.

According to LeakedSource, “Music service Last.fm was hacked on March 22nd, 2012 for a total of 43,570,999 users. This data set was provided to us by daykalif@xmpp.jp and Last.fm already knows about the breach but the data is just becoming public now like all the others.”

LeakedSource was able to confirm that email address, usernames, passwords, newsletter sign-ups, join-date and ad-related data, were stolen in the breach.

“Each record contains a username, email address, password, join date and some other internal data. We verified the legitimacy of this dataset with Softpedia reporter Catalin C who was in the breach himself along with his colleagues.”

The stolen passwords from Last.fm were stored using unsalted MD5 hashing (hashing is a method for encrypting data for better security). LeakedSource reported that, it took only two hours for them to crack and convert over 96% of them to visible passwords.

This images shows frequent email, passwords used and new number of users joined each year Soruce: LeakedSource

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil