Greatest Moments in Hacking History: Samy Kamkar Takes Down Myspace
You may have left Myspace and its indie bands behind years ago, but Myspace hasnt forgotten you. Or rather, it hasnt forgotten your password, which is unfortunate, because it just revealed that a hacker stole username and password infomation from what could be more than 360 million accounts.
The HackLate last week, Myspace discovered that user login data (those usernames and passwords, and, in some cases, secondary passwords as well) were up for sale in an online hacker forum. Myspace says it believes the hacker responsible goes by the name of Peace, and that hes also responsible for therecent hacks of Tumblr and LinkedIn.
Importantly, according to the hack-tracking site LeakedSource, the intrusion itself took place in June of 2013, before MySpace transitioned from failed social network to failed music marketing platform. That means that even if you havent used MySpace in years, you still could be vulnerable.
Whos AffectedMore people than you might think!
Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk, writes Myspace in a blog announcing the hack. It may be hard to remember now, but Myspace was once hugely popular, as evidenced by LeakedSources findings that 360,213,024 user records are in the data set111,341,258 of which have an associated username.
As for current users, Myspace says it has increased its security significantly since 2013, specifically by using double salted hashes, which makes it much harder to crack passwords even if theyve been breached. If you joined Myspace after its 2013 relaunch, you should be clear, and also whats it like over there? Let us know in the comments.
How Serious Is This?Its pretty serious. Its unlikely that anyone will break into your zombie Myspace page; the company has invalidated user passwords for all affected accounts, and didnt store credit card or other financial info anyway. The bigger worry, though, is that MySpace didnt protect passwords with much rigor prior to 2013, meaning that if you use the same username and password combo on any other sites today as you did for social networking in 2007, youre at risk.
Its also concerning just for the sheer volume of the hack; if LeakedSource is correct, this would be one of the largest breaches ever. That it comprises mostly old Myspace accounts also presents another problem: Who remembers the password they were using several years ago on a long-ignored platform? Its hard to change a compromised password if you dont even know what it is, which means that to feel truly safe, you should probably change any password youve been using for a long time across multiple services. Also, stop using the same password across multiple services. Seriously, stop.
Go Back to Top. Skip To: Start of Article.Source: http://news.google.com/news/url?sa=t&fd=R&ct2=us&usg=AFQjCNEag5LJ3yNpu9e5CmE_r-Tfg6kf7Q&clid=c3a7d30bb8a4878e06b80cf16b898331&cid=52779120535974&ei=BWlQV4ijK4OO3AHk9aj4Ag&url=https://www.wired.com/2016/05/hack-brief-old-myspace-account-just-came-back-haunt/
No comments:
Post a Comment