Another day, another spilled database

This has been making the rounds these few days. I don’t think I have a AMO account, that is, I don’t REMEMBER having one. Hard to sort ’em out these days, with a million and one sites requiring seperate (and generally badly hashed) logins…

That being said, this leak isn’t the scale of others that involve financial transactions (sometimes of an embarrassing nature.) And accounts of this kind are littered with dummy personal particulars, since as a rule of thumb the users are technologically savvy. There’s also the consideration that anything dealing with money and/or security clearances always require a heavier burden of security. If your throwaway blog poster account is compromised, the site only (nine out of 10) gets a spam infestation with possible malware links. If your favorite e-commerce account is 0wn3d by Mordor the Russian Mafia, you might be considerably out of pocket. Still, the stunning number of sites still using MD5 hashes (and Mozilla only switched in 2009) should put a chilling fear into any paranoid netizen’s heart and mind.