Boxee.tv breach exposed data of 1,54000 users

http://gigaom2.files.wordpress.com/2012/10/boxeetv-perspective-e1350342282171.jpg

Ars reports that last week’s hack of Boxee revealed the data, including username, email address, passwords and forum messages of over 154000 users. The data is published online in a massive MySQL file of about 800 MB in size which is still circulating online. 

Boxee.tv is a web based tv service that was acquired by Samsung last year. Ars reports that the breach occurred no later than last week, when a full copy of the purloined forum data became widely available, Scott A. McIntyre, a security researcher in Australia, told Ars. 

On Tuesday, officials from password management service LastPass began warning customers with e-mail addresses included in an 800 megabyte file that’s still circulating online. 

The file contains personal data associated with 158,128 user accounts, about 172,000 e- mail addresses, and the cryptographically scrambled passwords that corresponded to those Boxee accounts, LastPass said. 

The dump also included a wealth of other details, such as user birth dates, IP addresses, site activity, full message histories, and password changes. All user messages sent through the service were included as part of the leak.

View full post on Who Got Hacked – Latest Hacking News and Security Updates