Chances are that if you used Myspace or Tumblr, you may be in for something of a headache. You see, it\u2019s been reported that both social networks have had troves of user login data stolen and available, for the right price.<\/p>\n
The data from Tumblr \u2014\u00a0about 65 million users\u2019 worth<\/a>\u00a0\u2014 is several years old,\u00a0Tumblr reported<\/a>. And for those whose immediate response to this story was \u201cMySpace still exists?\u201d guess what? Several hundred\u00a0million<\/em>\u00a0MySpace passwords make this one of the largest heists to date. On the other hand, the\u00a0reported asking price of $2,800<\/a>\u00a0for the lot of them reminds us that it\u2019s been a while since we even thought about the once dominant site.<\/p>\n Social media data breaches may not cause the kind of panic we see with breaches of financial institutions, but perhaps they should. After all, it takes some effort to gain access to those records, and no one would bother if there were no value to the data.<\/p>\n Although MySpace might not have your credit card information, for example, access to your account gives thieves access to a variety of information that could prove useful \u2014 from personal details useful in\u00a0social engineering<\/a>\u00a0to login details for more directly profitable accounts, a distinct possibility given many users\u2019 propensity to reuse passwords.<\/p>\n \u201cThe potential risk is high for this breach to bleed over into other stories down the road, notes Brian Bartholomew, a member of Kaspersky Lab\u2019s Global Research and Analysis Team (GReAT). \u201cThese credentials could be used by criminals to access anything from bank accounts, to mail accounts, to other online systems. The possibilities are vast with respect to how this information might be used in the future.\u201d<\/p>\n And whereas Tumblr reported that it \u201csalted\u201d its encrypted user login data, making the data much harder to crack, MySpace merely\u00a0hashed<\/a>\u00a0the information with the\u00a0SHA1 algorithm<\/a>.<\/p>\n Some recommendations for \u00a0login and password management.<\/p>\nAll data breaches matter<\/h3>\n
Protecting your accounts<\/h3>\n
\n