Myspace hack: Why you should delete your old, unused account right now

As many as 360 million MySpace accounts turned up for sale Friday in a 33-gigabyte dump online

Brian Fung
Wednesday 01 June 2016 08:10 EDT
Comments
MySpace's founder Tom
MySpace's founder Tom (MySpace)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Despite falling out of vogue years ago, MySpace -- that old precursor to Facebook -- still has details on more user accounts than the United States has people. And now a hefty chunk of those account credentials has been leaked to the entire Internet, in a humbling reminder that the Matchbox Twenty-inspired username you probably made in high school is still worth a heck of a lot to companies and criminals.

As many as 360 million MySpace accounts turned up for sale Friday in a 33-gigabyte dump online, according to reports that were confirmed Monday by MySpace's parent, Time Inc.

The massive leak includes passwords, email addresses and usernames that were swiped from MySpace in a hack dating to June 2013, before MySpace made a site redesign that closed some security gaps.

In a blog post Tuesday, MySpace said it has disabled the affected passwords so that nobody can use the leaked credentials to gain unauthorized access to accounts.

Huge cyber attack hits US government workers

It's unclear how many of the accounts in the MySpace hack were still "active," in the sense that they belong to people who continue to log into the service today. But chances are at least some of these accounts hadn't been touched for years. The reason this makes you vulnerable is the same reason experts say you shouldn't use the same username and password for every online service -- it makes it easy to take one set of stolen credentials and plug them into others, giving hackers potential access to large swaths of your digital life.

In that light, it seems there's a strong case for deleting your old, unused accounts -- or at least creating a throwaway email address to associate with the services you don't use so that they're insulated from the email addresses you use for more important things. Not only does it potentially cut down on the number of credentials you have to remember (although hopefully you're solving that by using a password manager, right?), but it helps limit your exposure to hackers. By changing the credentials on your old accounts and disassociating them from online services that you use in the present-day, you can help make sure none of your other Internet identities are put at risk.

Personal data from the MySpace breach was going for sale to the tune of thousands of dollars, highlighting how even outdated information can carry significant value. But whether your old data gets used for marketing, fraud or some other nefarious purpose is still at least partly within your control.

MySpace was once one of the most popular social networks on the planet, reaching about 100 million unique users each month in 2006. News Corp purchased the site for $580 million, outbidding Viacom in the process. In 2011, MySpace was sold at a huge loss of $35 million, as Facebook began to dominate the social network business.

In February of this year, Time purchased MySpace and its parent company, Viant Technology. But the deal announcement focused almost entirely on the value of Viant's advertising and tracking technology. MySpace was mentioned only in passing at the bottom of the news release.

Copyright: Washington Post

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in