Thursday after the password breach saga experienced by Linkedin and Eharmony, more websites has reported security defilement and experts warned users of social networks against email scam. Users of the hacked websites has been adviced to be alert of fake emails messages which is designed to warn against the breach but intends to steal personal data, a process called “phishing”.
eHarmony and Lastfm.com also urges users to change passwords due to a compromise in users account experienced over the week. ”We are currently investigating the leak of some Lastfm user passwords” says the blogsite.
Becky Teraoka of Eharmony said that “a small fraction of our user base has been affected” and that “as a precaution, we have reset affected members’ passwords.”
A british security sophos, Graham Cluely said, about 1.5 million eHarmony password was uploaded to websites where hackers were encouraged to join forces to decode them.
Now users are being warned not to click on links that purport to come from the compromised websites. Linkedin did not include any warning against link click to its customers.
Mikko Hypponen, a Finland based F-secure said on a Twitter message that, a flood of phishing emails was likely, “First change your LinkedIn password. Then prepare for scam emails about LinkedIn password changes, linking to phishing sites. Will happen,”
About 6.5 million Linkedin accont were posted to a Russian hacker forum, but the figure was debated last thursday.
Imperva security firm said evidence showed that “the size of the breach is much bigger than the 6.5 million accounts” and added that “the passwords weren’t properly protected.”