I don’t think this will come as much of a surprise to anyone, but it appears MySpace accounts are easily phished. This probably wouldn’t be so bad except that people put everything about their lifes into social networking sites and there are tons of minors on it and it is owned by an evil advertizing company and it was founded by people who build data mining software (okay, I’m not sure how those last two play a part in this but I still don’t like it).
Also people tend to use their password on more than one site and most of the people listed use their email addresses as usernames and email addresses are one of the primary functions for forgot password in websites. Shall I go on? Okay, so maybe this is a big deal.
Here’s the link to the list of compromised users. Of course a good chunk of them aren’t valid because they are phished accounts, but you get the point. I’m not sure what means were used to compromise them, but clearly it was some amount of social engineering to give these types of results, but even still, MySpace is feeling like a scary place to be right now.