Log in

No account? Create an account


« previous entry | next entry »
Feb. 5th, 2014 | 12:32 am

Quick heads-up: LibraryThing, a social book cataloging site, apparently suffered a breach a few years ago that they only discovered now.

Dear ${USER},

During a security review, we found that LibraryThing suffered a data breach in November 2011. While no book data or financial information was taken, lost or changed, the hackers did take email addresses and encrypted password hashes for some accounts created prior to that date.

As a security precaution, we are requiring all members to change their passwords, here:

Please read our longer description of the breach here:

The entire LibraryThing team and I deeply regret and apologize that this happened on our watch. Since 2011, we have significantly improved our security measures, which have been further tightened across the board since we discovered this breach. As a further apology, we are upgrading you and all LibraryThing members who joined prior to November 20th, 2011 to full lifetime accounts.

So if you're on that site (I know a few folks who might be reading this are), go ahead and change your password now, even if you've not received the email yet. You do have to wonder just how a breach like that can go undetected for over two years, too, but at least they found about it now.

Link | Leave a comment |

Comments {2}


(no subject)

from: mondhasen
date: Feb. 5th, 2014 01:26 am (UTC)

I don't belong to this site, but when Adobe notified me of a breach I couldn't remember what name/password combination I had used and ended up changing bunches of them as a precaution.

Reply | Thread


(no subject)

from: schnee
date: Feb. 5th, 2014 10:20 am (UTC)

Always a good idea. It drives home the lesson that you should never reuse passwords, too, and that keeping them stashed somewhere safe is essential so you don't have to remember dozens of random strings of digits and numbers and interpunctuation.

Reply | Parent | Thread