A hacker calling himself Peace of Mind, posted the database on the dark web marketplace The Real Deal at the end of May 2016. A few days later, MySpace ordered a password reset on all its users to help protect their accounts.
White explains on the site, “The following contains the alleged data breach from Myspace dating back a few years. As always, I do not provide any guarantees with the file and I leave it down to you to use responsibly and for a productive purpose.”
The database of passwords is not in cleartext. They are hashed with the SHA1 algorithm which Bruce Schneier has denounced as a weak method of encrypting data.
TeamViewer recently got in trouble for just such a leak. The company claimed that there was no security vulnerability, and blamed the practice of users re-using passwords.As always, the advice from BeCyberStreetWise.com, the UK government-led cyber-security scheme encourages users not to reuse passwords.