It has been a rough few weeks for social media! First, hackers went after your resume, and then they tried to trash the online dating scene – as if setting up the perfect date weren’t complicated enough already.
In addition to the recent LinkedIn security breach, eHarmony was also the target of password hacking. The Los Angeles Times reported it could even have been the same hacker – and we doubt the crook is looking for a romantic walk on the beach. Initial reports said approximately 1.5 million passwords were hacked, and eHarmony confirmed that “a small fraction of the user base” had been affected by the security attack. Much like LinkedIn, eHarmony was quick to take action and assure its users of the password security precautions the company takes.
“Please be assured that eHarmony uses robust security measures, including password hashing and data encryption, to protect our members’ personal information,” a company blog post stated. “We also protect our networks with state-of-the-art firewalls, load balancers, SSL and other sophisticated security approaches.”
Password management to the rescue
If you’re not sure whether your password was hacked, password management firm LastPass has offered free web utilities for users to check the status of both LinkedIn and eHarmony passwords. The tools are available on LastPass’s website.
A LastPass spokesperson who was not named offered assurances that password data is not saved when users enter their passwords into the utility, according to a recent Mashable article.
“So let’s say you enter password1,” the spokesperson told Mashable. “You enter it and the tool performs the hashing algorithm. The hash is then sent to LastPass, and if a match is found in the database (of the 6.46 million leaked hashes) on our end, we report back a message saying that your password was compromised.”
Even if your account wasn’t compromised, it’s still a good idea to utilize good password security practices, such as avoiding common words. The LastPass spokesperson also suggested compromised users change their passwords for other websites, especially if they were using the same passwords as their eHarmony or LinkedIn accounts.
Were you one of the millions affected by the security breaches? How did you react to the issue? Do you think LinkedIn and eHarmony have reacted quickly enough to user concerns?