Social app provider RockYou! gets rocked, users rocked worse

Posted by kent on December 15th, 2009

Social network application provider RockYou! suffered a major security breach which allowed hackers to uncover and post sensitive user data. TechCrunch has detailed the whole terrible affair that seems to be the result of multiple security holes, bad no data encryption, weak password requirements, and even worse customer notification procedures. The social network boasted over 32 millions users. That number is likely to shrink.

Perhaps the most egregious issue, beyond the vulnerability that allowed the initial hack, is RockYou!'s policy of storing users' login information from other social networks on RockYou!'s servers. The security breach revealed those as well.

There's been no guidance from RockYou! on what users should do, or what the company is doing. RockYou! users would be wise to change their passwords on any social networks they connected to from RockYou!