Representatives of the company blocked the passwords of all users and are reviewing the security policy of the company to ensure that this situation is not repeated.
Site of service of questions and answers Formspring was the victim of unknown hackers who managed to get the password hashes of portal users. As a precaution, the administration cut off the resource passwords for all users.
“We apologize for the inconvenience, but we prefer not to risk it and appealed to all users to update the password” – says the founder and CEO of Formspring Olonoh Ade (Ade Olonoh).
Formspring learned about the leakage of credentials after about 42 thousand passwords was discovered and published in open access to one of the forums. It is reported by CNet.
“Seeing that the published password hashes were stolen from Formspring, we have disabled our system and have begun an investigation to determine the nature of the violation. – Said spokeswoman Dorothy Fisher Portal (Dorothee Fisher). – We found that someone got into our server development, and extracted information from the database credentials. We have corrected the problem and are currently reviewing our internal security policy in order to make sure that this will not happen again. ”
Many users have expressed their desire to remove their accounts, but the company assured them that all passwords have been salted, so the attackers would be difficult to know the actual passwords.