MySpace passwords stolen

[Darklord Rooke]

Approximately 400 million Myspace passwords have been stolen and up for sale. Most of them probably obsolete … like the people still using Myspace (ahahaha.) The most important things to take away from this are:

• If you still use MySpace, change your password. Then change it once a fortnight for the foreseeable future. Why? Because
• Myspace uses a very out of date and weak encryption method revealing they don’t take security seriously. They use a weak algorithm and don’t salt passwords. (Bats should give them a call.) Lastly
• Social media continues to suck. I mean why people. Why?

Quote

The same hacker who was selling the data of more than 164 million LinkedIn userslast week now claims to have 360 million emails and passwords of MySpace users, which would be one of the largest leaks of passwords ever. And it looks like the data is being circulated in the underground by other hackers as well.

It’s unclear when the data was stolen from MySpace, but both the hacker, who’s known as Peace, and one of the operators of LeakedSource, a paid hacked data search engine that also claims to have the credentials, said it’s from a past, unreported, breach.

Neither Peace nor LeakedSource provided a sample of the hacked data. But Motherboard gave LeakedSource the email addresses of three staffers and two friends who had an account on the site to verify that the data was real. In all five cases, LeakedSource was able to send back their password.

The database contains 427,484,128 passwords, but there are only 360,213,024 million emails, according to LeakedSource, which announced the leak on Friday in a blog post. Each record in the hacked dataset contains “an email address, a username, one password and in some cases a second password,” according to the site.

http://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breach

[Eclipsed]

The only reason Rooke would care about Myspace so much as to warn the public here when nobody here actually has one (100% guaranteed)

Is that

YOU HAVE A MYSPACE, GRANPA!!!!

[Mr Poltroon]

1 minute ago, Eclipsed said:

The only reason Rooke would care about Myspace so much as to warn the public here when nobody here actually has one (100% guaranteed)

Is that

YOU HAVE A MYSPACE, GRANPA!!!!

Alternatively, the obvious reason:

Mock the people who use it and criticise social media as usual.

[Fiddle]

OH GOD, NO

YOU'VE BETRAYED US, TOM

you were always there for me

[sanahtlig]

The problem with these breaches isn't so much the data in the particular hacked account.  The real problem is that people reuse usernames and passwords across multiple sites, and once these passwords are leaked they're stored in a massive database for brute-force attempts on other sites.  So one password getting linked could compromise dozens of other accounts.  One site getting hacked compromises accounts all across the Web.

If you reuse passwords, you're vulnerable.  If you don't secure accounts with multi-factor authentication, you're vulnerable.  Most of us rely on not having anything worth stealing as our primary form of security ("Security through obscurity").

On the flip side, online security is often more robust than traditional methods.  Most credit card theft probably stems from offline purchases or interactions.  So really, you're vulnerable no matter what.  The sad truth is that security is not a priority, either for businesses OR users.

[VirginSmasher]

I haven't seen an irrelevant topic like this since that whole what colour is the dress? "issue."

[Kelebek1]

1 hour ago, Fiddle said:

OH GOD, NO

YOU'VE BETRAYED US, TOM

you were always there for me

 

[Valmore]

MySpace? I don't think I even remember my password, but I'm sure it's not any of the ones I use now.

[Justin579]

Myspace? What's that?

[Valmore]

25 minutes ago, Justin579 said:

Myspace? What's that?

A precursor to Facebook. Facebook pounded them out of the internet. Okay, it still exists but hardly anybody uses it.

[Fred the Barber]

Shit, even I'm not old enough to have a MySpace page. Also, please use this and make unique passwords everywhere, people: https://www.1password.com/ 

Once you learn the keyboard shortcut, it's vastly more convenient than even typing a username and password, let alone remembering one.

[Justin579]

35 minutes ago, Valmore said:

A precursor to Facebook. Facebook pounded them out of the internet. Okay, it still exists but hardly anybody uses it.

it was sarcasm.

[Funyarinpa]

Never understood what was so morally reprehensible about grave digging

[Zalor]

The last time I remember MySpace being relevant was when i was in 3rd and 4th grade. Holy Shit that was a long time ago. Back in those days I though that the 6th, 7th, and 8th graders were cool. lol

[Kelebek1]

Bring back Bebo.

[Lewycool]

Thanks for this  Useful report @Rooke! Gonna go change it now!

[Nosebleed]

I mean... I would change it... If I even remembered what e-mail/password I used.

[DarkZedge]

Wasn't MySpace kinda dead and buried already? not that this happening isn't bad but I don't know, I never had a MySpace account.