Science

Time, Inc. Confirms Someone Bothered to Hack Into Myspace, Lots of Users Affected

If you have an active account registered before June 11, 2013, your data might have been compromised.

by Kastalia Medrano

Myspace, the site you visit to find photos for Throwback Thursday, was the target of a massive hack last week, its owner Time Inc confirmed today. The hack targeted user login data — usernames, passwords, and email addresses — from before Myspace strengthened its security in June 2013. Given that the site’s peak was long before that, this might affect most users. There’s good news though: the social network has already announced it’s working to remedy the issue.

Myspace was being overshadowed by a succession of younger, hipper networks long before the summer of 2013, but it still retains a surprising volume of users: around 50 million people each month, according to the Wall Street Journal, a figure which probably shocks you because you associate it with the pre-smartphone, pre-Facebook era in which we all lived like cave-people.

In its mid-2000s prime (the precise zenith of which was December 2008), it had around 75.9 million monthly users. By comparison, Facebook currently has the most users of any social network, at around 1.59 billion monthly active users. As you’d expect, the decline of Myspace lines up fairly cleanly with the meteoric rise of Facebook.

“We believe the data breach is attributed to Russian Cyberhacker ‘Peace,’” Myspace announced today. “This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available.”

Myspace invalidated all affected user passwords (those attached to accounts created before June 11, 2013), and their owners will be prompted to reset them. This does at least provide them with an opening to make their passwords more complex; not to victim-blame, but apparently the most common passwords found in the stolen data included “password1,” abc123,” and “123456.”

So if you’re one of the holdouts still clinging to the Myspace account you set up way back when, now is your chance to at least improve its security.