Categories
Blog Archives
Data Breach Alert: Facebook application developer RockYou failed to protect data
Posted by Caitlin on January 11th, 2010
RockYou is a company that develops applications for Facebook, MySpace, and a number of other popular social networking websites. It's the second biggest application developer for Facebook after Zynga, which recently made headlines for its "scammy" offers. Last month, RockYou fell victim to an SQL injection attack, in which a hacker or hackers successfully accessed a database containing email addresses and passwords for over 30 million users. Last week, RockYou was hit with a class action lawsuit, alleging that RockYou "recklessly and knowingly failed to take even the most basic steps to protect its users' personally identifiable information by leaving data entirely unencrypted and available for any person with a basic set of hacking skills."
Login data for a social networking application may seem like a trivial data breach, but it becomes a more serious matter when one considers the frequency with which the same password is reused for several online accounts. If someone gets into your RockYou account, the consequences will probably be minimal, but that same stolen data could be used to access your personal email or online banking accounts.
We've said it before and we'll surely be compelled to say it many, many more times, but: don't use the same password for multiple online accounts! It's a terrible habit that compromises your security and identity. And think carefully about whether applications on Facebook and other social networking sites are really worth the risk of viruses and identity theft.
Be sure to install Internet security software, and set it to update automatically. And consider investing in identity theft protection.
4 Responses to “Data Breach Alert: Facebook application developer RockYou failed to protect data”
Leave a Reply
About Us Blog Contact UsTerms & Privacy PolicyAffiliate ProgramSite map
Copyright© 2006 - NextAdvisor.com - All rights reserved.
January 12th, 2010 at 11:36 am
Anyone else here reading “I.T. WARS”? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary – an eCulture – for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, policies, and so on. Just Google “IT WARS” – check out a couple links down and read the interview with the author David Scott. (Full title is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium”).
January 23rd, 2010 at 6:03 am
This really isn't surprising. We'd all be amazed how much this wouldn't happen if people took the extra .5 seconds to add a number or two to the end of their password. Leave the door open and people will come in. Using passwords like "1234" just isn't smart.
January 25th, 2010 at 4:07 am
You always thought it won't happen and then it did. And now you are suffering the bitter consequence of your action.
January 25th, 2010 at 2:55 pm
Just want to say your article is striking. The clarity in your post is simply striking and i can take for granted you are an expert on this subject. Well with your permission allow me to grab your rss feed to keep up to date with forthcoming post. Thanks a million and please keep up the ac complished work. Excuse my poor English. English is not my mother tongue.