FormSpring breached, exposing 420K passwords

Formspring‘ has decided to temporarily disable the same amount of user passwords affected by the aforementioned security breach.

Fortunately, usernames or any other forms of ID were not revealed in conjunction with the password hashes so there’s no need to panic, not a single cyber-stalking tactic from a user was revealed by anyone else.

It’s worth noting that the hashes were ‘salted’, an additional layer of security to make it hard for hackers to perform a dictionary attack on the hashes — In Layman’s terms, a salted hash containing the passwords will take a longer time (possibly even years) to decrypt.

Furthermore, Formspring has immediately responded to the issue by sending password-reset emails to an unknown number of users and by further upgrading the security of their data servers to prevent similar breaches from occurring again.

It’s highly advisable that you guys pay attention to those emails and have your password renewed as soon as possible, if you have not received any email from Formpsring, try taking a look in your spam folder.

{source}