News

There's a Very Good (and Urgent) Reason to Delete Your Old Myspace Account

Unless you've been trapped in 2007 due to some glitch in the time-space continuum, odds are you've long forgotten about Myspace, the social network that was briefly more popular than Facebook (and even Google). However, even if you haven't logged on in a decade, there's a good chance that if you ever had a Myspace account, it's still floating around in the e-ether, along with whatever highly incriminating photos you posted there. Now might be the time to delete it for good, though, because a recently discovered flaw in the site's account recovery process makes it incredibly easy for just about anyone to hack in and poke around all of your personal stuff. 

According to a new report by security researcher Leigh-Anne Galloway, you can essentially log in to any user's Myspace account just by knowing their birthday. In a post on her personal blog, she detailed how it works: like many sites with account logins, Myspace has a recovery system that helps you access your profile if you forget your password by asking you to confirm some other identifying information (an associated email address, username, etc.) and resetting it. However, according to Galloway, someone only needs to another user's birthday in order to get into their account. This is because, due to some sort of glitch, you can actually enter any email address, as long as the birthday is a match, and get in (you do need to enter the username and account holder's name, but those are both already listed publicly on their profile page and thus easy for anyone to find).

Despite bringing the particularly glaring issue to Myspace's attention months ago and asking them to fix it, Galloway went public after hearing nothing back from the company. And, it appears her strategy worked. In the hours after her post went up on Monday morning, it caught the attention of many news outlets, and Myspace has since taken down the particular account recovery page she was referring to.

You may not feel particularly troubled by these revelations, since most everyone has ditched Myspace (which has rebranded and changed hands more than once since its heyday), but it's probably a good idea to delete your account anyway. There's very little of anyone peeking too much into your past (its been stripped of the bulk of "social network" features -- and most if not all of your potentially embarrassing info/messages were deleted years ago), but there's no reason not to just delete it yourself. After all, Myspace has a history of data and security breaches. Why bother leaving the slightest chance that someone may hijack your identity, or worse -- rearrange your Top 8. 

h/tThe Verge, Gizmodo

Sign up here for our daily Thrillist email and subscribe here for our YouTube channel to get your fix of the best in food/drink/fun.

Joe McGauley is a senior writer for Thrillist. Follow him @jwmcgauley.