Data Backup Digest

Do-It-Yourself Windows File Recovery Software: A Comparison

results »

MySpace Hackers Steal 427 Million User Passwords

Although the social media network MySpace has certainly waned in popularity over the years, the site still maintains thousands of profiles that haven't been used or updated in years. While this may seem inconsequential to most, the site has now become a gold mine for hackers. In fact, a recent cyber-attack on MySpace resulted in the breach of over 100 million username and password combinations.

Staggering Numbers

Per online reports, the total number of username and password combinations exceeds 427 million. Of that amount, approximately 360 million account credentials were made available for sale online. Although many of these accounts are outdated to say the least, the credentials alone could be enough to compromise personal accounts on other popular sites.

Lacking Sophistication

Despite the fact that hackers were able to successfully steal millions of MySpace account credentials, the operation doesn't appear to be an incredibly sophisticated operation. According to some reports, many of the passwords are basic, simple passwords. This is exactly why you should always choose a password that is strong, secure and unique to each and every site.

However, the hack was actually years in the making. Although these MySpace login credentials were only recently made available, the actual hack reportedly occurred in 2013. As such, even those who haven't used the site in years may still be vulnerable.

MySpace's Reaction

If there is a positive side to the story, it's MySpace's swift and diligent reaction. The IT team with MySpace has made huge security improvements since 2013, many of which were put in place between the time of the actual hack and the release of information. As such, members who were new to MySpace after 2013 remain relatively safe. They've also add increased protection to the password encryption algorithms of the site.

Moreover, MySpace quickly invalidated all of the passwords for those accounts which have been affected. Specifically, any compromised accounts that were created before June 11, 2013 have been reset since the breach. The team with MySpace also released an official blog post about the subject, both informing their current and past users while simultaneously identifying a possible culprit.

A statement on their official blog reads, in part: "Shortly before the Memorial Day weekend (late May 2016), we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform.

The post continued by stating: "We believe the data breach is attributed to Russian Cyberhacker ‘Peace.’ This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available."

Protecting Users in the Future

There's no doubt that MySpace is taking this breach very seriously. Considering their most recent security improvements, as well as those which were actually in place before the information was released, it's safe to say that MySpace is certainly trying to protect their users from future attacks.


No comments yet. Sign in to add the first!