Social media site targeted at teen girls is leaking 5.5M+ passwords right now


#1

Originally published at: http://boingboing.net/2016/09/27/social-media-site-targeted-at.html


#2

breach notification service Have I Been Pwned?


#3

Well, the 1 million teen/pre-teen girls’ passwords they got probably shouldn’t have much consequence (financially anyway…), but the 4.5 million middle-aged dudes’ passwords could be a re-used password skeleton key into all kinds of financial info…


#4

I just checked there and my long forgotten last.fm showed up. LinkedIN I already knew about and changed the password.

eta and now last.fm account is gone as I never really used it and havent logged in there in over 2 years.


#5

I must admit, I had no idea what this was referring to, then checked it out when you replied. Dang, I didn’t even know I had accounts at linkedin, adobe and myspace…hopefully that was in a time when I used a different stupid reused password…


#6

haveibeenpwned is incredibly useful. Troy adds breaches pretty quickly, but also takes the time to vet their authenticity. In his blog he covers everything from raw technical details to moral choices about how to release data from sensitive breaches.

You can ask to be notified if a breach comes up for your email, or for an entire domain you admin. A few weeks ago I had to ask my managing director to change his password because his work account came up in a breach.


#7

I definitely did this, and definitely NOT because I needed access to “sensitive breaches” and let’s just leave it at that :slight_smile: But thanks for letting me know about the domain registration. I do indeed manage several domains with emails for colleagues. Will do this tout suite!

ETA: and it looks like we’re good!


#8

Forgive me, but financial is not the only consequence of… well, consequence.


#9

Yeah, no, totally. I just couldn’t think of a better way to back into a “most of these accounts are probably not actually teen girls” joke…

ETA [rather than replying again] I see how my comment casually diminished the harm done to teen girls, for sure. Didn’t want to do that. I was going for an Ashley Madison “It’s actually all dudes” Hack + Bronys + pervos-pretending-to-be-teen-girls-to-access-teen-girl-space trifecta. Sounds like it might have fallen a little flat…


#10

I’m not sure that would be the case either? But I guess if it was a joke…?


#11

This topic was automatically closed after 5 days. New replies are no longer allowed.