Social music service Last.fm, used by millions of users around the world to collect information about their listening habits, suggest new artists, and connect them with other users with similar tastes, has become the latest victim in a string of data security breaches currently plaguing the internet.
The breach was confirmed by Last.fm on their official Twitter account overnight, and comes amidst a backdrop of similar breaches, including at LinkedIn where up to 8 million passwords may have been compromised, and at dating site eHarmony where 1.5 million passwords were harvested.
We’re investigating a security issue with user passwords. As a precaution, we recommend you change your password: last.fm/passwordsecuri…
— Last.fm (@lastfm) June 7, 2012
According to Mashable, a mystery Russian hacker was reportedly behind the attacks on LinkedIn and eHarmony. It’s unknown at this time if the same hacker is behind the Last.fm suspected leak.
High profile incidents of hacking have been occurring with alarming frequency over the last twelve months, with a number of big names such as iTunes and most famously Sony Playstation having personal information stolen from their vast banks of user data.
Last.fm at this stage are still investigating the scale and nature of the breach, but have advised that every user login and change their passwords immediately. Last.fm is also advising that if your current Last.fm password is used for any other accounts, such as email or Facebook, that you should also change those passwords – just in case.
“We are currently investigating the leak of some Last.fm user passwords,” a spokesperson wrote this morning. “This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately.”
“We’re sorry for the inconvenience around changing your password; Last.fm takes your privacy very seriously. We’ll be posting updates in our forums and via our Twitter account (@lastfm) as we get to the bottom of this.”
Last.fm users can switch their passwords by logging in and accessing the “Settings” page, or by reporting their password as lost. In the site’s announcement, Last.fm re-emphasized these are the only means for password changes: “We will never e-mail you a direct link to update your settings or ask for your password.”
Users are advised to follow guidelines recommended by Google when picking their new password.
The amount of passwords potentially leaked has not been announced at this time.