DeviantART, the worlds largest social network for artists, has had one of their databases exposed. This latest breach comes in the shadows of McDonald"s member database and Gawker database exposures in the past two days.
DeviantART notified its users via its newsletter and stated that "Silverpop Systems, Inc., a leading marketing company that sends email messages for its clients, told us that information was taken from its servers. This was probably part of a sweep by spammers. As a result, email addresses belonging to deviantART members were copied. Corresponding usernames and birth date may also have been removed ." ".
The significance is that the database contained 13 million email address that are now in the hands of spammers who may now launch a new phishing scam against the members. DeviantART, via Softpedia, states that along with email addresses, birth dates and usernames may have been leaked but passwords were not compromised.
While this breach is not as dangerous as the Gawker exposure because passwords were not leaked out, it does continue the worrying trend of databases being compromised. For good measure, its always a good idea to create a strong password, one that has letters and numbers at minimum and if the system allows, symbols and case sensitive characters.
[Update] We have been contacted by DeviantART who wanted to clarify a few issues that SoftPedia misreported:
"While we"re not at liberty to provide any additional details due to the ongoing investigation, we do want to clarify a few inaccuracies: 1) Not all of our members were impacted. The ones who were received an email from the company. 2) We explicitly stated that it was Silverpop"s servers that were breached - not deviantART"s. None of our servers or other systems were compromised. "