34,000 MySpace account credentials phished. The attack was simple, but clever enough to trick quite a few people. It was not your traditional "Your account may have been compromised and we need you to change your password immediately. Please go to the address below that looks somewhat like the real web site but isn't" email phishing attempt.
The most common password? "password1". We've advanced quite a bit from when "password" was number one. The #3 password phished was "myspace1", so next time you feel like hacking the account of your mortal MySpace enemy (ha!) to leave naughty pictures on it, give that one a try.
Perhaps the data aren't all that representative of the rest of the world. A user who falls for a phishing attack probably isn't that security-conscious to begin with.
Two separate analyses of the data: Bruce Schneier's (crypto and security expert) and Roger A. Grimes' of InfoWorld. Grimes has some amusing tidbits:
*Cuss words were very popular. Boy, there’s a lot of aggression out there.*I was surprised about how many Christian-sounding -- for example, "Ilovejesus" -- log-on names were associated with the worst cuss words.
Also interesting considering a read an article the other day stating how MySpace users were typically more savvy about what they used for passwords than a typical office worker. Though like you said... the ones whose accounts were compromised are probably at the bottom of the security minded barrel.