"The security breach that led to millions of Last.fm passwords being compromised happened at least three months ago — and remained undetected, despite the fact that the company suspected in May that it had been targeted. On Thursday, the CBS-owned, London-based music website became the latest website — after LinkedIn and eHarmony — to reveal that its data had been stolen, asking users to change their passwords after a dump of around 1.5 million passwords appeared on a cryptography forum. Over the weekend, product chief Matthew Hawn posted an update saying that the hack had become apparent after a tip-off, and that the company had already upgraded its security as a result:" - Miguel Caetano from Bookmarklet