According to the latest report, MySpace was hacked. Hacker stole around 360 million Username and Password. These credentials are available for sale online.
LeakedSource said the MySpace data was provided to it by one of its users. LeakedSource is a search engine capable of searching over 1.6 billion leaked records.
The data set contains 360,213,024 records. Each record contains an email address, a username, one password and in some cases a second password. Out of 360 million, 111,341,258 accounts had a username attached to it. And 68,493,651 had a secondary password.
According to the site, the passwords were stored using the SHA1 algorithm. SH1 is easy to decrypt and didn’t use “salting”. A technique that involves the addition of random data to make decryption more difficult.
The methods MySpace used for storing passwords are not what internet standards propose.
Only a few thousand of the passwords were over 10 characters in length. Almost none contained an upper-case character, according to the site. Some contained a “1” at the end, suggesting MySpace required passwords to contain a number.
Popular passwords included “password1”, “abc123” and “123456”, the site found.
MySpace was founded in 2003 and was famous before Facebook took over the social media. It offers personal profiles, blogs, groups, photos, music, and videos.
Last week LeakedSource disclosed the LinkedIn Security Breach. LeakedSource obtained a copy of 117 million password records stolen from social network LinkedIn in 2012. These records were available for sale online as well.
LinkedIn said at the time that the breach had only affected about 6.5 million user accounts. They asked users to reset the password for those accounts only.