New details reveal over 43M accounts were breached in 2012 Last.fm hack

last fm 2012 hack 43 million accounts
Lorenzo Massacci/Flickr
The scale of a 2012 hack of music site Last.fm is now coming to light, revealing that more than 43 million accounts were affected.

LeakedSource, a data breach and hacking notification site, says it has obtained a copy of the hacked database. The site was originally breached in March 2012, which led the company to send out a password reset notification to its users, but it’s only now that the full scale of the hack is rearing its ugly head.

After analyzing and verifying the data, LeakedSource published its findings Thursday. It says the data includes usernames, hashed passwords, email addresses, and the date the user signed up to the site and/or the newsletter, as well as advertising data.

Perhaps most alarming is the hashed password data, which was secured with the MD5 hashing algorithm. MD5 has been considered outdated for a number of years. In 2012, the year of this hack, the original author of the algorithm wrote that it was no longer safe to us. As far back as 2005, a cryptographer wrote that MD5 was “broken”.

The case bears similarity to the Dropbox hack, details of which emerged Wednesday. Passwords were protected with SHA-1, another hashing algorithm that is becoming more and more outdated as computing power gets stronger.

In the case of Last.fm, LeakedSource was particularly alarmed by the use of MD5. “This algorithm is so insecure it took us two hours to crack and convert over 96 percent of them to visible passwords,” LeakedSource said, adding that it recently invested more into its own password-cracking capabilities for testing purposes.

The site also published a list of some of the most commonly used passwords it found and it doesn’t make for encouraging reading. The three passwords at the top of the list were “123456,” “password,” and “lastfm.”

Last.fm has yet to respond to the new details.

Emerging Tech

Awesome Tech You Can’t Buy Yet: Folding canoes and ultra-fast water filters

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Computing

Supermicro investigation: no spy chips found on our motherboards

Supermicro announced the results of an investigation into the controversy surrounding its motherboards. The investigation was launched in response to reports that alleged the motherboards were compromised with malicious hardware.
Mobile

Apple's iOS 12.1.1 makes it easier to switch cameras in FaceTime

After months of betas, the final version of iOS 12 is here to download. The latest OS comes along with tons of new capabilities, from grouped notifications to Siri Shortcuts. Here are all the features you'll find in iOS 12.
Deals

Cook your holiday meals with this $60 Instant Pot, on sale today only

Instant Pots were a huge hit for Black Friday and Cyber Monday with prices reaching as low as $60, but you haven't missed your chance at a great deal. Amazon is slashing the price on the Instant Pot Ultra with a $60 discount for today…
Computing

Windows 10 user activity logs are sent to Microsoft despite users opting out

Windows 10 Privacy settings may not be enough to stop PCs from releasing user activity data to Microsoft. Users discovered that opting out of having their data sent to Microsoft does little to prevent it from being released.
Computing

Intel's discrete graphics will be called 'Xe,' IGP gets Adapative Sync next year

Intel has officially dubbed its discrete graphics product Intel Xe, and the company also provided details about its Gen11 IGP. The latter will include adaptive sync support and will arrive in 2019.
Computing

Intel answers Qualcomm's new PC processors by pairing Core and Atom in 'Foveros'

Intel has announced a new packaging technology called 'Foveros' that makes it easier for the company to place multiple chips together on one package. That includes chips based on different Intel architectures, like Core and Atom.
Computing

Razer’s classic DeathAdder Elite gaming mouse drops to $40 on Amazon

If you're looking to pick up a new gaming mouse for the holidays, Amazon has you covered with this great deal on the classic Razer DeathAdder Elite gaming mouse with customizable buttons, RGB lighting, and a 16,000 DPI optical sensor.
Computing

Intel's dedicated GPU is not far off -- here's what we know

Did you hear? Intel is working on a dedicated graphics card. It's called Arctic Sound and though we don't know a lot about it, we know that Intel has some ex-AMD Radeon graphics engineers developing it.
Computing

Firefox 64 helps keep your numerous tabs under control

Mozilla officially launched Firefox 64 by placing new features into the laps of its users including new tab management abilities, intelligent suggestions, and a task manager for keeping Firefox's power consumption under control.
Computing

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.
Computing

Apple MacBook Air vs. Microsoft Surface Pro 6

The MacBook Air was updated with more contemporary components and a more modern design, but is that enough to compete with standouts like Microsoft's Surface Pro 6 detachable tablet?
Computing

Installing fonts in Windows 10 is quick and easy -- just follow these steps

Want to know how to install fonts in Windows 10? Here's our guide on two easy ways to get the job done, no matter how many you want to add to your existing catalog, plus instructions for deleting fonts.
Computing

Email take-backsies! Gmail's unsend feature is one of its best

Everyone has sent a message they wish they could take back. How great would it be if you could undo that impulsive email? If you're a Gmail user, you can. Here's how to recall an email in Gmail.