What had appeared to be an internal MySpace administration page, found on an online forum by a prominent security researcher, has been claimed by a domain-name registration and web-hosting vendor.
Chris Boyd, security research manager at FaceTime Communications, reported on his blog Friday that he discovered a screenshot, which appeared to be an administrative panel for MySpace, posted on an online forum.
Late Friday, Susan Wade, spokeswoman for Network Solutions, said that the disclosed page belonged to her company, not the social networking giant.
Network Solutions is conducting an investigation to determine how the page was made public, she said.
“We touched base with MySpace to let them know that this was out there and there was some information [made public],” she said. “The good news here is that screenshot is information that you would find on a public database, except for the user ID.”
MySpace, a client of Network Solutions, declined comment on the matter.
Allowing that he had “no clue what we’re looking at here,” Boyd detailed the screenshot on his blog, noting that it contains information on domain accounts, retail accounts, billing information, domains connected to MySpace and contact information, including email addresses, names, addresses and user identification numbers.
The researcher said the screenshot had been posted on an MSN forum and blocked out what appeared to be sensitive data on his blog in order to avoid disseminating the information posted on the page.
The researcher took issue with the fact that, after repeated attempts to contact MySpace, warning them of the potential breach, his emails were answered by generic responses about blogs, an error advisory asking the user to try the site again in a few minutes, and a message saying, “We do not offer that option as it is not available within MySpace.”
“The replies I’ve had back from them since last week on this have been jaw-dropping,” Boyd said. “I’ve re-sent yet again with a little note asking if anyone there actually bothers to read anything they’ve sent, but I’m not getting my hopes up. I’d like to think the above screenshot doesn’t represent anything serious, but would someone bother posting something like that to websites if they didn’t think it was a big deal in the first place,” he said.
MySpace has been a frequent target of cyberattackers in recent months. Earlier this week, a hacker created fake user profiles, claiming to be from Tom Anderson, the site’s co-founder and president. Those have been deleted by the social networking site.
The MySpace pages of celebrities Alicia Keys, Justin Timberlake, Hilary Duff and Tila Tequila have all been hacked in recent months.