It appears that someone has figured out the password to my
Myspace account and has logged in and sent e-mails from the account as well. I
have two questions: First is there any possible way to track down the person
who is doing this (mind you they did not change my password)? Is it really that
easy to obtain someone’s password on a site like this? I do not use a public
computer and change my password regularly.
There are a couple of things going on here. Yes, it’s possible that you got
hacked, but it’s also possible that you didn’t.
Become a Patron of Ask Leo! and go ad-free!
It’s quite possible that you didn’t get hacked. It’s quite possible that
someone is impersonating you in one way or another – this is a common practice
with email borne viruses and spam that could possibly apply to other mail
systems as well. (See my article
Someone’s sending from my email address! How do I stop them?! for more
information on that scenario.)
The good news is that, no, it’s not that easy to get someone’s
password from such a site. Possible, perhaps, but typically very, very
More commonly, these kinds of exploits are the result of poor password
selection, so that someone can easily guess your password, or by trusting
someone you shouldn’t have with your password. And, as you already indicated,
public computers are also a possibility. For that matter, any computer you use
that someone else has access to could be a security risk if you allow it to
save your passwords for you.
Unfortunately once it happens, it’s nearly impossible for us “mere mortals”
to track down the culprit. It really depends on how the service, such
as Myspace, operates. It’s possible that they could track it down, but by that
I mean only that the technology might support it. Whether or not the service
keeps that information or even uses it is unknown. Even if they do, they are
probably not very willing to simply hand it out for claims like this. More
often than not, privacy concerns might require that laws have been broken, law
enforcement get involved, and perhaps even a court order be required to get the
information from the service.
My advice is to get in touch with the service’s support contact and see if
and how they might be able to help. My expectations, however, would be that
they won’t be able, or perhaps willing, to do much.