Social network Formspring reset passwords for all of its 28 million members Wednesday after hackers posted password information to about 420,000 accounts online.
The security breach came a month after a similar breach affecting the passwords of 6.5 million members of professional social network LinkedIn.
In a blog post, Formspring founder Ade Olonoh said the San Francisco company was notified that about 420,000 password hashes were posted to an online security forum, although they did not include user names or other member-identifying information.
“Once we were able to verify that the hashes were obtained from Formspring, we locked down our systems and began an investigation to determine the nature of the breach,” Olonoh wrote. “We found that someone had broken into one of our development servers and was able to use that access to extract account information from a production database.”
Formspring plugged the hole and upgraded its encryption systems, but also decided to disable all passwords to “play it safe,” he said. Members who signed on through Facebook could still do so, but the company also advised all users to change their passwords once they logged back on.
