So MySpace got pwn'd...
Or so I've been told, I don't know. They all seem hesitant to show me since they don't want the leak to spread, which is understandable. Everyone seems incredibly shook and at least one Myspace discord server seems to be gone.
Personally I don't agree with that tactic since I think everyone should have a right to know who's in that leak, security by obscurity just DOES NOT WORK and hiding it from people won't stop bad actors from just spreading it anyway somewhere else whether it be for profit or fame or what have you. Everyone should be changing their passwords anyway so it shouldn't even matter.
I also don't appreciate Janken disabling the news section to intentionally stifle communication. I get trying to get people to calm down and stop any fearmongering, but for reasons I meantioned above, this doesn't seem okay to me.
Anyway, all things aside, if this all turns out to be true by some chance, change your goddamn passwords on everything. If you use the same password and email/name on another site change those as well. Make sure you're getting email alerts and keep an eye on those for the next weeks or month. But don't be afraid. I've been in situations like this before and the LAST thing you should do is freak out. Just go about your day and don't forget to make sure everything is in order every once in a while, and you'll be just fine.
Allegedly all of the passwords were stored as plaintext. I 100% believe this, because why the fuck else would the system be able to repeat them back to you when requesting a password reset or after signup? That is a HUGE security no-no, literally computer safety 101. Never keep shit like that unencrypted. Setting up a basic and safe password system is very easy and would severely soften the blow of a breach like this were it to occur.
Also, sorry for the blog CSS. Some site updates broke it. Asked janken for help on that and got no response. RIP :< I will fix it at some point, I promise.