Millions of user passwords to social networking sites have been exposed, after a serious SQL injection flaw on the Rockyou.com website left login details - stored in plain text - up for grabs. RockYou - which develops apps for social networking sites including Facebook, Bebo and MySpace - stored usernames, passwords and email addresses in plain text. That's bad enough in itself, but then an SQL injection flaw on RockYou's website exposed the information to prying eyes. Amichai Shulman, chief technology officer with the data security firm Imperva, said the passwords exposed will often be the same as those users utilise for webmail accounts associated with their social networking profiles, creating yet more potential problems.
Security
RockYou password snafu exposes webmail accounts
- Details
- Category: Data Theft, Data Losses and Espionage
- Hits: 2672