
Data Breach Alert: Facebook application developer RockYou failed to protect data
January 11th, 2010 - Posted by Caitlin
RockYou is a company that develops applications for Facebook, MySpace, and a number of other popular social networking websites. It's the second biggest application developer for Facebook after Zynga, which recently made headlines for its "scammy" offers. Last month, RockYou fell victim to an SQL injection attack, in which a hacker or hackers successfully accessed a database containing email addresses and passwords for over 30 million users. Last week, RockYou was hit with a class action lawsuit, alleging that RockYou "recklessly and knowingly failed to take even the most basic steps to protect its users' personally identifiable information by leaving data entirely unencrypted and available for any person with a basic set of hacking skills."
Login data for a social networking application may seem like a trivial data breach, but it becomes a more serious matter when one considers the frequency with which the same password is reused for several online accounts. If someone gets into your RockYou account, the consequences will probably be minimal, but that same stolen data could be used to access your personal email or online banking accounts.
We've said it before and we'll surely be compelled to say it many, many more times, but: don't use the same password for multiple online accounts! It's a terrible habit that compromises your security and identity. And think carefully about whether applications on Facebook and other social networking sites are really worth the risk of viruses and identity theft.
Be sure to install Internet security software, and set it to update automatically. And consider investing in identity theft protection.
4 Responses to “Data Breach Alert: Facebook application developer RockYou failed to protect data”
Copyright© 2006 - 2012 NextAdvisor.com - All rights reserved.

January 12th, 2010 at 11:36 am
Anyone else here reading “I.T. WARS”? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary – an eCulture – for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, policies, and so on. Just Google “IT WARS” – check out a couple links down and read the interview with the author David Scott. (Full title is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium”).
January 23rd, 2010 at 6:03 am
This really isn't surprising. We'd all be amazed how much this wouldn't happen if people took the extra .5 seconds to add a number or two to the end of their password. Leave the door open and people will come in. Using passwords like "1234" just isn't smart.
January 25th, 2010 at 4:07 am
You always thought it won't happen and then it did. And now you are suffering the bitter consequence of your action.
January 25th, 2010 at 2:55 pm
Just want to say your article is striking. The clarity in your post is simply striking and I can take for granted you are an expert on this subject. Well with your permission allow me to grab your RSS feed to keep up to date with forthcoming posts. Thanks a million and please keep up the accomplished work. Excuse my poor English. English is not my mother tongue.