Hacker Mocks RockYou

YouHaveBeenHacked.jpgUser account information stored in plain text, as well as allowing users to choose passwords of as few as five characters, with no punctuation or numbers required—a hacker’s dream, and a social application site’s nightmare.

More than 32 million RockYou users are likely considering swapping out the first two characters in the site’s name for something a little more forceful after news broke Monday that their account information was compromised by a hacker, TechCrunch reported.

The hacker succeeded by using a method that has been around for more than one decade—a trivial SQL injection vulnerability—according to TechCrunch.

The hacker published a slice of the information he acquired, which also confirmed that RockYou’s data contains a table that stores user information for partner sites and social networks.