The Register® — Biting the hand that feeds IT

Feeds

Friendster password emails spark site hack fears

Blast from the social networking past

By John Leyden, 2nd June 2011
  • print
  • alert

Agentless Backup is Not a Myth

Multiple users have reported receiving spam emails containing their Friendster password in plain text.

The appearance of the suspicious emails to registered Friendster addresses (widely reported by numerous Twitter users on Thursday) has spawned fears that Friendster database might have been hacked. An alternative theory is that a partner of the once massive social networking site might have leaked the data.

All this remains unconfirmed. We've asked Friendster for a response but are yet to hear back.

We ran an early blog report explaining the suspicious emails past net security firm Sophos: it said that although any individual report might be circumstantial, the collective weight of reports leaves Friendster with some explaining to do.

In the meantime users who received the suspicious emails would be well advised to change their passwords, especially if they used their Friendster password on other sites.

Friendster was one of the original social networking websites but its position was usurped by MySpace and Facebook, at least in the West, where it has since become a topic of parody. The site remained popular in Asia.

Even so the site abandoned social networking altogether last month, repositioning as a social gaming site. ®

Steps to Take Before Choosing a Business Continuity Partner

COMMENTS

House Rules Send Corrections
All Reader Comments (7)
Highly Rated
Anonymous Coward

Bugger confirmation

If it's your friendster password and it's in plaintext it suggests 1 of two things;

- Friendster store passwords in plaintext

OR

- Friendster uses a non-salted hash

More likely the former IME. They've some explaining to do regarding that before they even start on how they were compromised!

Don't use them thankfully, but there needs to be a culture of change regarding storing of passwords. When even the venerable vulture stores in plaintext there's something badly wrong

2
0
Anonymous Coward
Anonymous Coward

I don't usually compromise my security

but when I do, I use Friendster

1
0
Franklin

Must contain letters and/or digits

I got one of those emails. I'd forgotten I even HAD a Friendster account.

Needless to say, I don't any more. Canceled the account within five minutes of getting the email. And fortunately, I don't use the same password in other places.

0
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
136
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
61
Internet fraud still stings suckers
Australians twice as gullible as Americans
36
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17