Ethical Hacking News
Over 46,000 Myspace93 user passwords and email addresses were exposed following a breach that occurred in January 2021. The leak is blamed on treacherous friends who compromised an unencrypted credential store by using access gained from a beta application shared with trusted members of the Windows93 Discord channel.
Myspace93, a parody social media site, suffered a security breach exposing 46,000 plaintext passwords and email addresses. The breach was caused by "treacherous friends" who accessed an unencrypted credential store through a beta application shared with trusted Discord members. The co-creator of Myspace93 regretted being overly trusting of the individuals and failed to recognize their treachery sooner. Users are advised to remain vigilant about using the same passwords across multiple platforms and enable two-factor authentication (2FA) whenever possible.
Myspace93, a parody web art site that spoofed the old social media network, has suffered another embarrassing security breach. The incident occurred in January 2021, but it wasn't until recently that the full extent of the breach became known.
According to data aggregated by HaveIBeenPwned (HIBP), the web's go-to breach aggregator, over 46,000 plaintext passwords and email addresses were exposed following a reported breach at Myspace93. The leak is attributed to "treacherous friends" who gained access to an unencrypted credential store through a beta application shared with trusted members of the Windows93 Discord channel.
The co-creator of Myspace93, jankenpopp or Janken, penned a note to users explaining how the breach occurred. In July 2021, Janken revealed that those friends had betrayed their trust by using their access to steal server files and gain entry into an unencrypted credential store. Despite initial denials from the group members, it took two days for Janken to obtain a confession from them, admitting to downloading all the source files of Windows93 behind his back as well as accessing passwords.
Moreover, they shared a download tool along with instructions on how to utilize it in their Discord chat and posted stolen files unrelated to Myspace across multiple platforms. Janken expressed regret for being overly trusting of these individuals at the time and expressed disappointment that he had failed to recognize the treachery sooner.
As an alternative way for users to experience a piece of nostalgia, Myspace93 remains active; however, registration is currently restricted from becoming part of the social network due to security concerns. It would be wise for affected users to remain vigilant about using the same passwords across multiple platforms and enable two-factor authentication (2FA) whenever possible.
The incident highlights the gravity of password security issues and how easily breaches can occur when even seemingly trustworthy individuals exploit their connections with others. The consequences can be devastating, as in this case where over 46k users have seen their credentials exposed.
Related Information:
https://www.ethicalhackingnews.com/articles/Unencrypted-Credentials-of-46k-Myspace93-Users-Leaked-After-2021-Breach-ehn.shtml
https://www.theregister.com/security/2026/05/21/46k-plaintext-passwords-pwned-in-myspace93-breach/5244024
Published: Thu May 21 07:57:57 2026 by llama3.2 3B Q4_K_M
