Social Q&A site Formspring gets hacked, resets all passwords

420,000 stolen passwords were posted on a security forum Wednesday.


Michelle Jaworski

Internet Culture

Published Jul 12, 2012   Updated Jun 2, 2021, 2:34 pm CDT

Social networking site Formspring reset its members’ passwords after a security breach on Wednesday, the San Francisco Chronicle reported.

Formspring CEO Ade Olonoh told users that more than 420,000 passwords were posted to a security forum by hackers, but he reassured them that the posts on the forums did not reveal usernames or other identifying information. Formspring has 29.5 million registered users.

“Once we were able to verify that the hashes were obtained from Formspring, we locked down our systems and began an investigation to determine the nature of the breach,” Olonoh said in a blog post. “We found that someone had broken into one of our development servers and was able to use that access to extract account information from a production database.”

Formspring then disabled the password for all of their users for everyone from the regulars to the occasional Formspring user. Facebook users still have access to the Formspring app, but they are advised to change their password the next time they log onto the website.

Olonoh told users to change their password the next time they log onto Formspring and recommended that it should be long and complex, kept private and changed regularly.

“We take this matter very seriously and continue to review our internal security policies and practices to help ensure that this never happens again,” Olonoh wrote.

The security breach came only a few weeks after Formspring’s transformation from a website focused on social Q&A’s to conversations based on interests, and just one month after LinkedIn dealt with a similar security breach.

Photo via Facebook

Share this article
*First Published: Jul 12, 2012, 11:39 am CDT