Dating stephy password
Up to 42 million people worldwide have had their names, email addresses, passwords and dates of birth exposed to online criminals, the result of a data breach in January at Australian online-dating company Cupid Media.
There have been bigger data breaches, but perhaps none worse.
Salting adds a set of secret characters to each password before hashing, so that one site's hash of a given password won't match another site's.
In most cases, websites that hash passwords store the hash, not the original password.
To verify a user's password, a website runs a password through the hashing algorithm each time the user enters it, then matches the resulting hash to the stored hash generated when the user first registered that password.
However, all those computations and database lookups can be expensive and time-consuming.
Krebs reached out to some of the individuals listed in the stolen Cupid Media records, and those who responded confirmed that Krebs indeed had their passwords.
(Krebs did not mention whether they'd been notified by Cupid Media.) Bolton suggested that Krebs may have "illegally accessed" user records, but then outlined the company's long-term response.
Reporters contacted the couple and they admitted going to Maldives together for travel; however, they denied getting married and having their honeymoon there. I'm still single..." Then he suddenly corrected himself: "No no no, anyways, we are not married." As for Stephy, she expressed they cannot hide marriage from media and she does not have the motivation to get married since she is not at the suitable age.
That is very surprising if such a large number of users were put at risk. However, they apparently weren't even doing that - storing the passwords in plaintext, meaning they were instantly readable by the human eye as easily as you are reading this password right now.
Of course, it's possible that Cupid Media has mended its ways and now stores its dating customers' passwords in a more secure fashion. But in the meantime, if you are a user of any of these websites, you need to ensure that you are not using the same password on any other website, and always use a password that is hard to guess and tricky to crack.
(Cupid Media has no link to New York-based online-dating service OK Cupid.) Of those 42 million Cupid Media compromised accounts, 1.9 million, or 4.5 percent of the total, used the password "123456"; 1.2 million used "111111." Yet since all the passwords were unencrypted, even users who used strong passwords are now at high risk of identity theft and account hijacking. 20), security blogger Brian Krebs revealed he had found the Cupid Media data buried on the same cybercriminal server that had stored data stolen from Adobe Systems, PR Newswire and the National White Collar Crime Center.
(The 150 million stolen Adobe user records had such poor password encryption that Facebook decided to alert its own users who also appeared in the Adobe data set.) MORE: Adobe Data Breach: How to Protect Yourself Andrew Bolton, managing director of Cupid Media, told Krebs that his company had suffered a data breach in January 2013.
The full list of sites can be found on this Cupid Media page under the "Choose a site" drop-down menu.