Depending on which generation you belong to, the term ‘MySpace’ might mean something to you. Or, it might not mean anything at all.
While I was part of the ‘MySpace’ generation back in its heyday, even I was pretty surprised to see the social network make headlines last week. “Who knew? MySpace is still around,” I thought to myself. Of course, given the many years I’ve been following the cybersecurity landscape, my eye always catches the latest cyberattack or data breach in the headlines. So, to see MySpace in the headlines recently as a result of a data breach, my interest was obviously piqued.
From the news reports of the MySpace hack, it could be one of the largest of all time. Target is one of the more often-cited data breaches and that involved a mere 70 million user accounts. LinkedIn is another example – 117 million user accounts were impacted. In the case of MySpace, we’re talking about potentially 360 million accounts exposed.
However, the personal data involved in this instance is fairly dated. But, since data never dies, this breach could still expose a lot of people. This is another illustration of how a seemingly consumer-facing breach can still most certainly put organizations at risk. As our recent Market Pulse survey data confirms, employees continue to use and re-use the same passwords. This is alarming for obvious reason – if employees are using the same password for company-facing systems that they are using for other accounts (like abandoned MySpace accounts!), they could be inadvertently putting their employer organization at risk.
While most companies expect to be breached (the motto ‘when, not if’ is a common one these days) and plan accordingly, most consumers aren’t necessarily thinking ahead when it comes to the safety of their data. The MySpace hack is a really good reminder that your data never dies online and to constantly change your passwords, avoiding the urge to re-use the same password across many accounts. It might save you a few minutes, but is it worth it to expose yourself to unnecessary risk? This is also a clear indication that hackers are growing increasingly more sophisticated in where how they attack the human vector and this is likely just the beginning of dormant accounts that could be exposed.