Skip to main content

Security researcher dumps 427 million hacked Myspace passwords online

Millions of passwords from the massive password hack at Myspace have been dumped online for anyone to access.

Thomas White, a security researcher also known under the pseudonym TheCthulhu, has published the database of 427 million passwords for more than 360 million users of the social network.

Recommended Videos

The passwords were stolen by an unknown hacker in May, who sold the cache of data on the dark web, but it can now be browsed for free through White’s website. The site, which launched earlier this week, has been a slow and unresponsive at times, but once you get online, you can download the stash of passwords. Be warned that it’s a 14.2GB file and, naturally, you should also be wary of possible security threats.

“The following contains the alleged data breach from Myspace dating back a few years,” said White. “As always, I do not provide any guarantees with the file and I leave it down to you to use responsibly and for a productive purpose.”

Myspace may seem like an odd target for a hacker in 2016, with the social network’s heyday long behind it, but as we learned with the LinkedIn breach from years ago, hackers aren’t interested in the account itself but rather the password.

People are notorious for reusing passwords. If a scammer can get access to one password, they can potentially get into several other accounts, and we’ve already seen one casualty of the Myspace breach this week.

Oculus CEO Brendan Iribe found his Twitter account compromised yesterday, with the culprit sending out a fake resignation tweet. According to reports, the unidentified prankster found Iribe’s password in the Myspace dump and took a shot at using it to log into different accounts.

In the aftermath of any data breach or hack, you should be vigilant and change any relevant passwords, and also ensure that you haven’t reused any passwords.

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
How to deactivate your Instagram account (or delete it)
A person holding a phone with the Instagram app open on it.

Oh, social media. Sometimes it’s just too much, folks.

If you’re finding yourself in a position where shutting down your Instagram account for a period of time sounds good, the people at Meta have made it pretty simple to deactivate it. It’s also quite easy to completely delete your Instagram, although we wouldn’t recommend this latter option if you plan on returning to the platform at a later date.

Read more
Bluesky finally adds a feature many had been waiting for
A blue sky with clouds.

Bluesky has been making a lot of progress in recent months by simplifying the process to sign up while at the same time rolling out a steady stream of new features.

As part of those continuing efforts, the social media app has just announced that users can now send direct messages (DMs).

Read more
Reddit just achieved something for the first time in its 20-year history
The Reddit logo.

Reddit’s on a roll. The social media platform has just turned a profit for the first time in its 20-year history, and now boasts a record 97.2 million daily active users, marking a year-over-year increase of 47%. A few times during the quarter, the figure topped 100 million, which Reddit CEO and co-founder Steve Huffman said in a letter to shareholders had been a “long-standing milestone” for the site.

The company, which went public in March, announced the news in its third-quarter earnings results on Tuesday.

Read more