• eHarmony hacked, usernames and emails stolen

    eHarmony, the massive online dating site whose late-night TV ads you just can't avoid, has unwittingly given away something much more significant that another weekend of free communication for singles. As reported by security watchdog Brian Krebs, eHarmony has been hacked.

    The worst part: Krebs and another researcher alerted eHarmony administrators about the flaws which allowed the hack to happen last year. The eHarmony heist was reportedly pulled off by the same Argentinian cybercriminal who broke into another dating site -- PlentyOfFish -- and held its data for ransom. He and his associates were also responsible for breaching Pirate Bay not too long ago.

    Data obtained from eHarmony included usernames, email addresses, and password hashes. Administrators traced the attack to an SQL injection vulnerability, which they now say has been patched. eHarmony's network infrastructure was not compromised, Krebs was told. As you can see, a mass password reset was also performed.

    So what happened to the stolen eHarmony data? It was put up for sale for a couple thousand dollars, and it's highly likely that the email addresses have now been passed along to a spam syndicate. You may be getting a lot more than password reset emails in the coming weeks, eHarmony users.