As we reported yesterday, a shocking security hole was found in Myspace (remember Myspace?) that meant anyone could seize control of your account just by knowing your your name, username, and date of birth.
Yes, somewhere there’s a village missing its idiot. And the idiot’s name is Myspace.
The mindbogglingly awful weakness in Myspace’s security was uncovered by researcher Leigh-Anne Galloway who privately informed the primordial social network back in April.
That security hole would be bad enough, but what was really appalling was the only response Leigh-Anne received from Myspace was an automated “Thanks for contacting Myspace” email.
It was only when, in her frustration, Leigh-Anne went public about the problem that Myspace finally saw fit to take some action. Which, thankfully, it now has – blocking access to the old, risky account recovery webpage.
So, problem over?
No, I don’t think so.
You see, if something *that* bad can be present on Myspace I wonder what other problems might lurk there?
Chances are that many people who have Myspace accounts created them years ago, and in all likelihood never visit the site anymore.
If you’re on of those people, and have no use for the site, why not delete your Myspace account rather than risk something bad happening? At the same time, you might be wise to have a think about what other ancient websites you might have joined long, long ago before you got more sensible about things like choosing strong, unique passwords.
Don’t forget, by the way, that someone was claiming to sell hundreds of millions of stolen Myspace account details last year…
For further discussion of this incident take a listen to this episode of the “Smashing Security” podcast: