So, as if having my email address sold to spammers by last.FM isn’t enough, today I got an email saying they have had a major security breach and that passwords have been taken. The email states that “We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately. ”
How is this related to other sites? Your security is your security! Are they implying that cause LinkedIn can get hacked anyone can and that it’s OK?
The weird thing is, I have a number of account on last.FM (3) and I only got this notification email on 1 email address. None of the account are Linked in any common way, all are different emails, names and accessed in different locations so they couldn’t have married them up at all. This opens them up to the possibility of knowing what passwords got out, and are asking only specific users to change their password which is an even BIGGER problem than just a minor breach.
To me this is a huge mistrust issue, you sell my email and now you tell me my password is out there? This means that both my passwords and my email address can be obtained and anyone can get into my account which has personal data AND a credit card attached to it.
Last straw last.fm I am now shutting down all my accounts with you, completely blocking all email addresses that where used to sign up and taking my money to Spotify