Formspring
Formspring issued a blog post announcing a security breach in which approximately 420,000 password hashes were posted to a security forum. The post apparently did not contain usernames or any other identifying information. The group temporarily locked down its system and launched an investigation in which it determined that unauthorized parties had accessed one of its development servers to gain access to the data. According to a statement from the administrators, "We were able to immediately fix the hole and upgraded our hashing mechanisms from sha-256 with random salts to ... fortify security." What to do: Change your password.
Next Slide >
