Old Myspace accounts can be easily hacked

3 min read
1

hackers

Back before Facebook, Twitter and Instagram, one social network reigned supreme. It’s also one that just about everybody (but Tom!) has forgotten about. Yes, once upon a time people actually used Myspace. Maybe you did – and didn’t remember to actually delete your account when the world moved on.

Well, it looks like those accounts are prime for the picking. Security expert Leigh-Anne Galloway found out that the old social networking site’s recovery process is so fundamentally flawed that all anyone needs to recover your account is your real name, user name and birthday. Those are three pretty easy bits of information to get.

There’s truthfully not too much that can be done with a dormant MySpace account, unless you’ve still got pertinent information stored in your profile, but if you want to be on the safe side you should probably delete your old accounts. Galloway discovered the flaw in April and contacted Myspace about it, though they haven’t responded.

Says Galloway:

“So how seriously does Myspace take security? Not seriously at all. I sent an email to Myspace in April documenting this vulnerability and received nothing more than an automated response. This has lead me to disclose the vulnerability while it still exists. It seems Myspace wants us all to take security into our own hands. If there is a possibility that you still have account on Myspace, I recommend you delete your account immediately.

Perhaps this situation is not surprising as most of us no longer use Myspace. So why does this matter? Myspace is an example of the kind of sloppy security many sites suffer from, poor implementation of controls, lack of user input validation, and zero accountability. Whilst Myspace is no longer the number one social media site, they have a duty of care to users past and present.”

They did, however, respond to Engadget who pressed for comment.

“In response to some recent concerns raised regarding Myspace user account reactivation, we have enhanced our process by adding an additional verification step to avoid improper access. We take data security very seriously at Myspace. We plan to continue to refine and improve this process over time.”

Last Updated: July 18, 2017

Read  Twitter is going to start removing verification ticks for rules violations

Geoffrey Tim

Editor. I’m old, grumpy and more than just a little cynical. One day, I found myself in possession of a NES, and a copy of Super Mario Bros 3. It was that game that made me realise that games were more than just toys to idly while away time – they were capable of being masterpieces. I’m here now, looking for more of those masterpieces.

  • Frik van der Hewerskink

    MySpace, now that’s a name I haven’t heard in a long long time.

Check Also

Former Facebook VP says social media is ripping society apart

“I think we have created tools that are ripping apart the social fabric of how society wor…