RockYou is a company that develops applications for Facebook, MySpace, and a number of other popular social networking websites. It's the second biggest application developer for Facebook after Zynga, which recently made headlines for its "scammy" offers. Last month, RockYou fell victim to an SQL injection attack, in which a hacker or hackers successfully accessed a database containing email addresses and passwords for over 30 million users. Last week, RockYou was hit with a class action lawsuit, alleging that RockYou "recklessly and knowingly failed to take even the most basic steps to protect its users' personally identifiable information by leaving data entirely unencrypted and available for any person with a basic set of hacking skills."
Login data for a social networking application may seem like a trivial data breach, but it becomes a more serious matter when one considers the frequency with which the same password is reused for several online accounts. If someone gets into your RockYou account, the consequences will probably be minimal, but that same stolen data could be used to access your personal email or online banking accounts.
We've said it before and we'll surely be compelled to say it many, many more times, but: don't use the same password for multiple online accounts! It's a terrible habit that compromises your security and identity. And think carefully about whether applications on Facebook and other social networking sites are really worth the risk of viruses and identity theft.
Be sure to install Internet security software, and set it to update automatically. And consider investing in identity theft protection.