UPDATED 10:20 EDT / JULY 11 2012

Formspring Resolves 420K Password Breach

Formspring, the social question and answer website, disabled all their users’ passwords yesterday because of a security breach.  They advised their users to change their passwords immediately and to use stronger passwords in place of their old ones.

Today, Formspring is relieved to announce that the breach was resolved.  In their blog post, they gave details as to what occurred yesterday.

According to Formspring, they were notified that, “approximately 420k password hashes were posted to a security forum, with suspicion from a user that they could be Formspring passwords.”

Thought the said post did not contain usernames or any other identifying information, after they were able to confirm that the hashes were indeed obtained from their system, they locked down their system in order to properly investigate the root of the breach.

They were able to identify that someone broke into one of their development servers and was able to use that access to extract account information from a production database.

“We were able to immediately fix the hole and upgraded our hashing mechanisms from sha-256 with random salts to bcrypt to fortify security,” Formspring stated in their post.  “We take this matter very seriously and continue to review our internal security policies and practices to help ensure that this never happens again.”

Formspring reminded their users not to put their email address, address or phone number in their Formspring profile, and to remember to log off their accounts after using especially when using public or shared computers.  And as always, having an updated antivirus is pertinent to keeping your computer and your online accounts safe from prying eyes.

If you’re a Formspring user and you haven’t received an e-mail from them to change your password, they encourage you to contact their support team which will be happy to help and assist you.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU