Υποκλοπή τουλάχιστον 360 εκατομμυρίων user credentials από το Myspace

[giatros.net]

Το δημοφιλές -παλαιότερα- κοινωνικό δίκτυο Myspace, φαίνεται πως έπεσε θύμα απίθεσης με τους δράστες να υποκλέπτουν τουλάχιστον 360 Συνημμένο Αρχείο 171146εκατομμύρια user credentials -συμπεριλαμβανομένων usernames, passwords και email addresses- με ημερομηνία εγγραφής πριν τον Ιούνιο του 2013.

Το Myspace.com που πέρασε πριν μερικούς μήνες στην ιδιοκτησία της Time Inc, είχε αυξήσει το επίπεδο ασφαλείας του το καλοκαίρι του 2013, και όπως φαίνεται τα κλεμένα δεδομένα αφορούν την περίοδο πριν την ενίσχυση αυτήν. Ήδη τα passwords που κλάπηκαν έχουν ακυρωθεί και συστήνεται σε όσους τα χρησιμοποιούσαν σε άλλα sites να τα αλλάξουν το συντομότερο.

Πηγή : Engadget

απίθεση θηλυκό =αχθρική ανέργεια με στόχο την αξόντωση ή την αξουδετέρωση του αχθρού, την απόκτηση αδάφους ή αγαθού, κλπ.

[eyw]

Ξαναπήγα myspace και I signed up, είναι νεανικο-καλλιτεχνικό και cool, wow!
Εύκολο sign up και μέσα σε <1m.
Εμαθα και ότι η Nicole Scherzinger (Pussycat Dolls) θα είναι στο 'X Factor' UK και ότι η Taylor Swift και ο Calvin Harris χωρίζουν και στεναχωρέθηκα.
Είναι καλύτερο απο το fb, ελάτε είναι awesome.

xhaos #29
όσο παρανοϊκός και να είσαι δεν φτάνει, τουλάχιστον 1 φορά τη βδομάδα όλο και κάτι διαβάζουμε εδώ στο site, πχ heartbleed και άλλες παθήσεις.
Το απλούστερο είναι το καλύτερο imo και το keepass είναι super, μεταξύ άλλων επιτρέπει να ονομάσεις εσύ το αρχείο database όπως θες.
Περισσότερα σε άλλο thread.

[asimako]

Σήμερα μου ήρθε το παρακάτω mail από το MySpace.

Spoiler:

Notice of Data Breach
You may have heard reports recently about a security incident involving Myspace. We would like to make sure you have the facts about what happened, what information was involved and the steps we are taking to protect your information.
What Happened?
Shortly before the Memorial Day weekend (late May 2016), we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform.
We believe the data breach is attributed to Russian Cyberhacker β€˜Peace.’ This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available.
What Information Was Involved?
Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk. As you know, Myspace does not collect, use or store any credit card information or user financial information of any kind. No user financial information was therefore involved in this incident; the only information exposed was users’ email address and Myspace username and password.
What We Are Doing
In order to protect our users, we have invalidated all user passwords for the affected accounts created prior to June 11, 2013 on the old Myspace platform. These users returning to Myspace will be prompted to authenticate their account and to reset their password by following instructions at https://myspace.com/forgotpassword
Myspace is also using automated tools to attempt to identify and block any suspicious activity that might occur on Myspace accounts.
We have also reported the incident to law enforcement authorities and are cooperating to investigate and pursue this criminal act. As part of the major site re-launch in the summer of 2013, Myspace took significant steps to strengthen account security.Β The compromised data is related to the period before those measures were implemented. We are currently utilizing advanced protocols including double salted hashes (random data that is used as an additional input to a one-way function that "hashes" a password or passphrase) to store passwords.Β Myspace has taken additional security steps in light of the recent report.
What You Can Do
We have several dedicated teams working diligently to ensure that the information our members entrust to Myspace remains secure. Importantly, if you use passwords that are the same or similar to your Myspace password on other online services, we recommend you set new passwords on those accounts immediately.
For More Information
If you have any questions, please feel free to contact our Data Security & Protection team at dsp_help@myspace-inc.com or visit our blog at https://myspace.com/pages/blog.

[Helene]

Σήμερα μου ήρθε το παρακάτω mail από το MySpace.

Spoiler:

Notice of Data Breach
You may have heard reports recently about a security incident involving Myspace. We would like to make sure you have the facts about what happened, what information was involved and the steps we are taking to protect your information.
What Happened?
Shortly before the Memorial Day weekend (late May 2016), we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform.
We believe the data breach is attributed to Russian Cyberhacker β€˜Peace.’ This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available.
What Information Was Involved?
Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk. As you know, Myspace does not collect, use or store any credit card information or user financial information of any kind. No user financial information was therefore involved in this incident; the only information exposed was users’ email address and Myspace username and password.
What We Are Doing
In order to protect our users, we have invalidated all user passwords for the affected accounts created prior to June 11, 2013 on the old Myspace platform. These users returning to Myspace will be prompted to authenticate their account and to reset their password by following instructions at https://myspace.com/forgotpassword
Myspace is also using automated tools to attempt to identify and block any suspicious activity that might occur on Myspace accounts.
We have also reported the incident to law enforcement authorities and are cooperating to investigate and pursue this criminal act. As part of the major site re-launch in the summer of 2013, Myspace took significant steps to strengthen account security.Β The compromised data is related to the period before those measures were implemented. We are currently utilizing advanced protocols including double salted hashes (random data that is used as an additional input to a one-way function that "hashes" a password or passphrase) to store passwords.Β Myspace has taken additional security steps in light of the recent report.
What You Can Do
We have several dedicated teams working diligently to ensure that the information our members entrust to Myspace remains secure. Importantly, if you use passwords that are the same or similar to your Myspace password on other online services, we recommend you set new passwords on those accounts immediately.
For More Information
If you have any questions, please feel free to contact our Data Security & Protection team at dsp_help@myspace-inc.com or visit our blog at https://myspace.com/pages/blog.

Άλλη δουλειά δεν είχε ο Ρώσος, έκλεβε τα data του 2013... Τί να πεις...