Why The MySpace Hack Matters To You, A Non-MySpace User
If you've ever used MySpace in the past, now is the time to change your current passwords. Don't bother changing your MySpace password – that ship has essentially sailed (unless you still use MySpace). I mean change every other password you have, especially if you happen to be using the same password now that you used back then, but here and now for a different service. This is more common than you might think. Lots of people do it.
If you've never once used MySpace, ever, even just to log in and make a single comment, then you're in the clear. Or you would be, if it weren't for the hacks of a wide variety of other, similar database breaches over the past several years. You can head to "HaveIBeenPWNED" to see whether or not your account is part of one of these hacks and dumps.
What security researcher Troy Hunt has done at Have I Been Pwned is to compile lists of emails from those hacks, making them all publicly available for those who may have been a part of them, whether they knew it or not. If you search there and your email or username appears in any of the dumps, you need to get to work as fast as possible.
As has been standard practice for many years, hackers first move after connecting a password to an email or username is to seek out other accounts. You use your email for several websites – what if you have the same password for your bank as you do your email?
As we outlined back in our "Basic Password Security" SlashGear 101 back in 2012, the following is a set of metaphors that describe what it's like to use one password for all of your internet-based accounts.
1. You've got one key that opens all of your doors.
2. Instead of keeping that one key on your person, you've put duplicates of that key under rocks near all of your doors.
3. Someone finds one key – it was inevitable. Websites get hacked. You belong to websites.
4. They use the key to check not only that one door it was near, but all of your other doors, as well. That key can get in anywhere.
Protect yourself. Change your passwords – and make sure that each one is different from the last.