14 DAY TRIAL // A list containing 29 million MD5 encrypted passwords has been leaked online. Since around 3,000 of them appeared to belong to customers of dating website Zoosk, the company is urging affected users to change their passwords.
According to Ars Technica, the information was posted on the InsidePro forum by an individual who claimed to have obtained it from various sources.
Zoosk representatives have told Ars they haven’t found any evidence to suggest that their own systems have been compromised.
In addition, they’ve revealed that they’re no longer using the MD5 algorithm to encrypt passwords, but instead, they’re utilizing the PBKDF2 key derivation function with the SHA-256 algorithm and salt.
Experts who have analyzed the leaked passwords say that many of them might belong to the customers of other companies. Some of the passphrases contained words such as “apple,” “linkedin,” “yahoo,” “iphone” and “hotmail.”