Myspace breach


The social media website Myspace has announced that it was the victim of possibly the largest password breach in history. Approximately 360 million email addresses and 427 million passwords of Myspace users recently appeared on the dark web for sale. The breach is believed to have compromised the login credentials of all accounts created prior to the June 11, 2013 site relaunch.

Announced: May 27, 2016

Description of the breach: On May 31, 2016 Myspace notified their members that “stolen Myspace user login data was being made available in an online hacker forum.” This data includes 427,484,128 passwords and 360,213,024 email addresses. In a blog detailing the security measures Myspace has taken since as a result of the breach, Myspace stated that they have “invalidated all user passwords for the affected accounts created prior to June 11, 2013 on the old Myspace platform. These users returning to Myspace will be prompted to authenticate their account and to reset their password.”  

Because many consumers reuse their passwords across multiple sites, those accounts are likely susceptible to hacking if the account holders use the same login/password combination elsewhere. If you reuse your Myspace password or suspect you may have, it is advisable that you change your passwords immediately. In addition, Myspace users are being advised to be wary of suspicious emails as hackers tend to use the information from large data breaches in phishing scams to lure individuals into clicking dangerous links or relinquishing private information.

Data breach period: Prior to June 11, 2013

Official information from Myspace:

Contact Myspace:

More coverage of this breach: Motherboard and USA Today