Myspace가 해킹을 당했다고 함.

마이스페이스에서 온 이메일 전문:

Notice of Data Breach

You may have heard reports recently about a security incident involving Myspace. We would like to make sure you have the facts about what happened, what information was involved and the steps we are taking to protect your information.

What Happened?

Shortly before the Memorial Day weekend, we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform.

We believe the data breach is attributed to Russian Cyberhacker ‘Peace.’ This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available.

What Information Was Involved?

Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk. As you know, Myspace does not collect, use or store any credit card information or user financial information of any kind. No user financial information was therefore involved in this incident; the only information exposed was users’ email address and Myspace username and password.

What We Are Doing

In order to protect our users, we have invalidated all user passwords for the affected accounts created prior to June 11, 2013 on the old Myspace platform. These users returning to Myspace will be prompted to authenticate their account and to reset their password by following instructions athttps://myspace.com/forgotpassword

Myspace is also using automated tools to attempt to identify and block any suspicious activity that might occur on Myspace accounts.

We have also reported the incident to law enforcement authorities and are cooperating to investigate and pursue this criminal act. As part of the major site re-launch in the summer of 2013, Myspace took significant steps to strengthen account security. The compromised data is related to the period before those measures were implemented. We are currently utilizing advanced protocols including double salted hashes (random data that is used as an additional input to a one-way function that "hashes" a password or passphrase) to store passwords. Myspace has taken additional security steps in light of the recent report.

What You Can Do

We have several dedicated teams working diligently to ensure that the information our members entrust to Myspace remains secure. Importantly, if you use passwords that are the same or similar to your Myspace password on other online services, we recommend you set new passwords on those accounts immediately.

For More Information

If you have any questions, please feel free to contact our Data Security & Protection team at dsp_help@myspace-inc.com or visit our blog athttps://myspace.com/pages/blog.

그러니까 1주일쯤 전에 벌어진 일이다. 

내용을 읽어 보면 나도 해당자이긴 한데(2013년 6월 11일 이전 부터 사용했던 사람들) 워낙에 안 쓴지가 오래 돼서...

근데 비번, 아이디, 이메일 주소면 굉장히 큰 영향 끼치는 거 아닌가? 

도둑맞은 정보가 그거밖에 없다고 써놓긴 했는데 그게 가장 중요한 정보잖어, 참내 -_-

요즘 마페 쓰는 사람들이 많은가? 난 요즘 페북도 거의 안 들어가지는데. 트위터도 뜸하고.

누가 그리 내 일거수일투족을 궁금해한다고 어디 갔고, 뭐 했고 이런 걸 예전엔 그리 올려댔는지 지금 생각하면 좀 어이가 없다.

근데 그 땐 다들 그리 하는 게 정상적으로 보여서 나도 덩달아 ㅋㅋㅋ

블로그가 편한 게 남 귀찮게 하지 않고 내 기록 남길 수 있다는 거. 페북이나 트위터 등등에 뭘 올리면 팔로워들이 안 보고 싶어도 보게 돼서

결국은 남 귀찮게 하는 꼴인데 블로그는 남 귀찮게 하지 않으면서 내 기록도 남길 수 있다는 게 장점인 거 같다.

마페 비번이랑 아이디도 다 까묵었는데 한번 로그인 해줘야 하는 건가? 마페 해킹당했다고 노이즈 마케팅 하는 건가? ㅋㅋㅋ

근데 이메일 내용에 다시 보니 2013년 6월 11일 이전에 가입한 사용자들 비번을 다 무효화 시켰단다. 

해커가 그 비번으로 해킹하지 못하도록 차단했나 봄. 이래저래 로그인도 번거롭게 되얐네.