The virtual ink wasn’t even dry on my post about the current epidemic of breaches when here comes another. This time LastFM is the target and users need to be aware.
I am usually paranoid but it seems I have cause. I am thinking we are just at the tip of the problem. Has something changed that makes this easier for hackers to blunder or has things always been this vulnerable and fragile and open to exploitation? Whatever the case I fear greater bad news when we hear the stories of how these things are used, Identity theft may just be a first step to a bigger issue.
Sidenote: I did receive a timely email from the LastFM team in a valiant attempt to explain and address the situation and put the horses back in the stable:
“We’re sorry for the inconvenience around changing your password; Last.fm takes your privacy very seriously. We’ll be posting updates in our forums and via ourTwitter account as we get to the bottom of this.
A copy of this message is online athttp://www.last.fm/passwordsecurity.
We strongly recommend that your new Last.fm password is different to the password you use on other services.”
Well, take a deep breath, relax and sit back and lets see who’s next so far everyday it is someone else, and the beat goes on.