There was a time long, long ago when a social media giant called MySpace roamed the earth like a colossus. But then along came a bigger beast called Facebook and everyone seemed to forget about MySpace. Maybe that’s just as well as, in terms of security, MySpace (which is now owned by Time Inc, and previously by News Corp and AOL) is almost as primitive as the dinosaurs themselves.
A security researcher recently decided to close down her MySpace account and discovered she could access it simply by tapping in name, username and date of birth – which are easy to find on the profile page or through other social media. In order to change the password, she didn’t need to confirm by email or fill in the recovery form. She alerted MySpace about this vulnerability but went public after failing to receive a satisfactory response.
Back in 2013 MySpace made the headlines as the victim of a massive data breach, affecting 360 million accounts. It responded by pledging to tighten up on security – an empty promise, it seems. While MySpace may no longer be anywhere near top of the food chain, this does highlight the importance of maintaining good digital hygiene and taking an active interest in your historic online profiles. Best advice is to close down your MySpace account without further ado.
For another example of how vulnerable social media can be, read all about how a white hat took over Facebook accounts simply by using an old phone number: https://www.theregister.co.uk/2017/07/17/facebook_login_security/