November 13th, 2013, 21:54 PM
Facebook urges users to change passwords following Adobe breach
Facebook has moved to protect its users from hackers, urging all accounts with the same password as those leaked in a recent Adobe breach to change their login details.
The move was originally spotted by security investigator Brian Krebs, who reported that the social network is prompting accounts with matching Adobe and Facebook passwords to change their login details.
A Facebook spokesperson confirmed the information to V3, commenting: "We actively look for situations where the accounts of people who use Facebook could be at risk, even if the threat is external to our service."
Facebook is also forcing some users to confirm their identity by answering a selection of security questions. Adobe announced that it had fallen victim to an attack in October, when hackers stole 38 million customer login details.
Adobe has confirmed the data is encrypted and should remain safe. Experts have questioned this, arguing that analysis shows Adobe used a single encryption key to protect the data, which means hackers would theoretically be able to guess the right key and decrypt the data.
Facebook would not disclose how it knew which accounts had identical passwords, and the firm's spokesperson said: "We don't have any more information to share on this." Krebs reported that Facebook spotted the identical passwords by cross-checking compromised Adobe account information with its own.
"Facebook and any other company can take any of the Adobe passwords that have already been guessed or figured out and simply hash those passwords with whatever one-way hashing mechanism(s) they use internally," read the post. "After that, it's just a matter of finding any overlapping email addresses that use the same password."