Freshly the CBS-owned music recommender site “Last.fm” has got its 43 million user accounts exposed on LeakedSource.
Netizens were getting over the Dropbox breach, and another big hit has just pulled in. On Thursday the exploit reporting site LeakedSource received a hacked database of last.fm, compromising 43,570,999 user accounts. The widespread exploit exposing site LeakedSource has confirmed that dumped data includes users’ confidential information such as usernames, sign-up date, advertisement related data, email addresses and more information.
Music service Last.fm was hacked on March 22nd, 2012 for a total of 43,570,999 users. This data set was provided to us by email@example.com and Last.fm already knows about the breach but the data is just becoming public now like all the others.
An Official Statement by LeakedSource
Interestingly, the compromised database contains hashed login credentials, matted through the MD5 algorithm. Surprisingly, the algorithm is least suggested for password protection, as it easiest to exploit than any other algorithms. With that said, LeakedSource was able to decipher 96% of the passwords in just a couple of hours.
How to Verify If You’ve Been Victimized ?
The news exploit has caused unease among a majority of Last.fm users. With having no notification from the Last.fm, users are anxious about if their account is among the victimized account? Which information has been hacked so far? And more importantly, how to identify If I have been hacked?
To release you from distress, here’s how to find if the hack has compromised your account:
- Access the official site of “LeakedSource“
- You will see following layout
- From the search type drop-down menu, select username or email
- Now, enter the username or email that you had used at the time of signing up for Last.fm and press Search
- Finally, the site will notify if your account has been compromised by the breach. If not, then you will be able to see following satisfactory message:
How to Remove Your Information from LeakedSource?
In case your account is found to be compromised, then you can request for removal of information from the site. In addition to this, LeakedSource has itself introduced an API (Application Programming Interface), that provides deciphered passwords from all the compromised accounts. The API aids the business firms to identify if the passwords belong their employees.