Millions of MySpace and Tumblr Account Details For Sale Online

Forum Moderators: open

Message Too Old, No Replies

Millions of MySpace and Tumblr Account Details For Sale Online

engine

1:49 pm on May 31, 2016 (gmt 0)

The LinkedIn data being sold [webmasterworld.com] was in the region of 100 million, but this appears a bigger data haul with over 360 Million account details and, supposedly, linked passwords.

Hundreds of millions of hacked account details from social networks MySpace and Tumblr have been advertised for sale online.

In both cases, the logins appear to have been stolen several years ago but only recently came to light. Millions of MySpace and Tumblr Account Details For Sale Online [bbc.co.uk]

MySpace says it has invalidated all passwords for accounts created prior to June 11, 2013, on the old MySpace platform.
[myspace.com...]

Tumblr says the breach took place before Yahoo acquired the service, and it will be requiring users to set a new password.
[staff.tumblr.com...]

keyplyr

11:39 am on Jun 1, 2016 (gmt 0)

MySpace says it has invalidated all passwords for accounts created prior to June 11, 2013, on the old MySpace platform.

That may be a valid statement. My old password did not work when I went to make sure my account was deleted (deleted when they did site upgrade & required Adobe Flash.)

However, since many users disregard warnings and use the same password at multiple sites, the damage is done despite any after-the-fact measures, which seem to be more posturing than effective.

engine

11:58 am on Jun 1, 2016 (gmt 0)

Oh, yes, it's up to individuals to use unique passwords, or they could suffer the consequences after these thefts. The issue is not just for their MySpace account, it's for any other account of theirs that uses the same e-mail and password, and it could take them some time to eventually get around to hacking into other accounts, or in developing identity theft.

J_RaD

3:14 pm on Jun 3, 2016 (gmt 0)

oh boy can't wait to get my hands on that juicy myspace data! *says nobody*

engine

3:28 pm on Jun 3, 2016 (gmt 0)

J_RaD I think that's wrong. As I mentioned, it's part of the process of stealing access to other services, and then to the further stage of identity theft.

J_RaD

9:30 pm on Jun 3, 2016 (gmt 0)

the myspace data is prob going to be 75% outdated junk with emails that don't even work any more.
LinkedIn , is going to be a pot of gold .... all your info and your employment history, agh

These ID theft people need to be dipped in boiling oil.

keyplyr

10:21 pm on Jun 3, 2016 (gmt 0)

I deleted my LInkedIn account a year ago, yet LinkedIn continues to keep a page with my name at the top (basically empty except for their logo, style sheet colors and my name.)

When I examine the mark-up, the page is dynamically generated. This keeps one of their pages in the SERP. This seems predatory IMO.

engine

9:43 am on Jun 4, 2016 (gmt 0)

the myspace data is prob going to be 75% outdated junk with emails that don't even work any more.

And the 25% that may still be live are at risk.
The scamsters don't care about the out-of-date ones. They will use automated methods to work their way through until they strike gold.
I'm just so surprised at the age of some of this material that is sold on, yet, it can keep rearing its head some time after the event.

keyplyr

10:12 am on Jun 4, 2016 (gmt 0)

Old data retains value.

Old info gets packaged, sold, repackaged, resold numerous times at many levels. The email spammers who buy email address lists still buy this... proven by the amount of spam my old email boxes still get.

Old passwords from past, now defunct accounts of mine have been attempted with at least one of my social media accounts.

And who changes their bank account numbers?

Pjman

12:13 am on Jun 5, 2016 (gmt 0)

The biggest news to me is that actual humans still use those two sites.

J_RaD

3:29 am on Jun 5, 2016 (gmt 0)

I deleted my LInkedIn account a year ago, yet LinkedIn continues to keep a page with my name at the top

I have no idea how they even got my email address but they keep sending me fake "friend" requests to make me sign up and build out a profile

sorry nice try, I don't know Jane Doe, and im not about to sign up for your service just cause I do.

tangor

4:17 am on Jun 5, 2016 (gmt 0)

It is all in the identity and password... we know (sadly) that umpteen per cent of users rely on the same for all their site traffic.

lucy24

5:31 am on Jun 5, 2016 (gmt 0)

I deleted my LinkedIn account a year ago, yet LinkedIn continues to keep a page with my name at the top

Try asking a friend or relative to tell them that you died. (I just checked: nope, no page for my mother, whose account I closed a year or two back.) You'll need to create a web page with a fake obituary, but for people hereabouts that should be a snap.

:: irritably wondering why they made me change passwords AGAIN, even though I just did so last week ::

keyplyr

5:59 am on Jun 5, 2016 (gmt 0)

I could have a fake funeral with everyone dressed in black. Of course I would write the eulogy myself... I know just what to say.

tangor

7:08 am on Jun 5, 2016 (gmt 0)

Men in Black? Dare we ask which planet?

And to keep this on Planet OP: Hopefully all those past hacked have done the right thing and changed all passwords!