eHarmony Passwords Stolen

by Andy on June 7th, 2012 in Security Alert.

Hot on the heels of the LinkedIn password breach, dating site, eHarmony have reported that "a small fraction" (about 1.5 million) of their user base have also been affected. Like LinkedIn, eHarmony have reset the compromised account's passwords and will send out notification explaining how to reset them. Probably a good time to change your password - check the best practices in the LinkedIn post from earlier today.

Full text of the eHarmony blog:

"The security of our customers’ information is extremely important to us, and we do not take this situation lightly.

After investigating reports of compromised passwords, we have found that a small fraction of our user base has been affected. We are continuing to investigate but would like to provide the following actions we are taking to protect our members.

As a precaution, we have reset affected members passwords.

Those members will receive an email with instructions on how to reset their passwords.

We recommend all members to practice these robust password security tips:

  • Create a strong password of at least 8 characters, composed of lowercase and uppercase letters, numbers and symbols
  • Create different passwords for each of the Internet sites you use
  • Change your passwords every few months

 
Please be assured that eHarmony uses robust security measures, including password hashing and data encryption, to protect our members’ personal information. We also protect our networks with state-of-the-art firewalls, load balancers, SSL and other sophisticated security approaches.

We deeply regret any inconvenience this causes any of our users."