Another day, another data breach! The same hacker who was selling the data of more than 164 million LinkedIn users last week now claims to have 360 million emails and passwords of MySpace users, which would be one of the largest leaks of passwords ever. And it looks like the data is being circulated in the underground by other hackers as well.
It’s unclear when the data was stolen from MySpace, but both the hacker, who’s known as Peace, and one of the operators of LeakedSource, a paid hacked data search engine that also claims to have the credentials, said it’s from a past, unreported, breach.
“We believe the data breach is attributed to Russian Cyberhacker 'Peace'," Myspace wrote in a blog post. "Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk."
The data breach in Myspace is believed to be the largest leaks of passwords ever and even if you have not visited Myspace in years, your personal information is up for sale online.
Again, I strongly urge people not to reuse passwords, and instead use a password generator and management tool, such as Lastpass, KeePass, 1Password, or DashLane.
In order to see if you’ve been hacked, check out the website https://haveibeenpwned.com/
You can enter in an email address you use, and it will compare it to the lists of hacked accounts, so you know which password you’ll need to reset. This is all the more critical because for more than a month, users of the remote login service TeamViewer have taken to Internet forums to report their computers have been ransacked by attackers who somehow gained access to their accounts. In many of the cases, the online burglars reportedly drained PayPal or bank accounts. No one outside of TeamViewer knows precisely how many accounts have been hacked, but there's no denying the breaches are widespread.
TeamViewer released the following statement:
“As you have probably heard, there have been unprecedented large scale data thefts on popular social media platforms and other web service providers. Unfortunately, credentials stolen in these external breaches have been used to access TeamViewer accounts, as well as other services.
We are appalled by the behavior of cyber criminals and are disgusted by their actions towards TeamViewer users. They have taken advantage of common use of the same account information across multiple services to cause damage.”
TeamViewer is claiming this is happening because have reused credentials that were leaked elsewhere. This seems likely, but they could also be experiencing their own hack. The bottom line is: try to avoid using the same credentials across sites.