“Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach,” the headline reports — a concise statement that carries its own alarm. The published account says 46,000 Myspace93 account passwords were disclosed in plaintext and that the leakage is being blamed on “treacherous friends”; email addresses and other unencrypted credentials were also exposed.
46,000 plaintext passwords exposed
The central, verifiable fact in the coverage is straightforward: attackers published plaintext passwords for 46,000 accounts associated with Myspace93. The story frames that disclosure as a post‑breach development tied to an earlier security incident in 2021. The record supplied publicly identifies both the count — 46,000 — and the character of the data — plaintext passwords.
The 2021 Myspace93 breach and the later spill
The Register entry ties the spilled credentials to a breach that occurred in 2021. It does not elaborate on the mechanics of the original intrusion in that year; what is recorded is the sequence: a 2021 breach, followed by a later publication of data that included plaintext passwords. The account was published on May 21, 2026.
“Treacherous friends” blamed for the leakage
The coverage attributes the cause of the leak — in the words used in the report — to “treacherous friends.” That phrase appears in the published material as the stated explanation for how the unencrypted credentials and email addresses came to be disclosed. The coverage does not expand on who those “friends” are, how they obtained the data, or what relationship they had to the accounts involved beyond the quoted characterization.
What was exposed: unencrypted credentials and email addresses
Alongside the plaintext passwords, the published report lists email addresses and other unencrypted credentials among the items disclosed. The story’s language emphasizes that the material was not encrypted when it was published — the credentials are described explicitly as unencrypted and as plaintext.
What this means for end users, Myspace93, and security teams
- End users: The published record makes clear that a set of 46,000 account passwords linked to Myspace93 were released in plaintext together with email addresses and other unencrypted credentials. For the individuals whose details appeared in that set, the disclosure is a direct compromise of those specific account data as described in the report.
- Myspace93: The article ties the public spill back to a breach that occurred in 2021. That chronology places the platform at the center of both the original incident and the later publication of exposed credentials as described in the published account.
- Security teams and investigators: The coverage attributes the leak to “treacherous friends,” a phrase that frames the event in interpersonal terms rather than naming a formal malicious actor; that characterization, as quoted in the report, will shape any inquiry or remediation that follows from the published disclosure.
The facts in the published account are spare but categorical: a 2021 breach, a later publication of data, 46,000 plaintext passwords, and the attribution of the spill to “treacherous friends” with email addresses and other unencrypted credentials included in the disclosed set. Those elements, presented together, form the record the reporting offers.
What remains open in the published material is how parties will respond and what remedies, if any, will follow — questions the source’s language leaves unaddressed. The disclosure itself, as recorded, is the action: the plaintext passwords and unencrypted contact details are out in the open, and the published narrative assigns responsibility to “treacherous friends.”
Original story: https://www.theregister.com/security/2026/05/21/46k-plaintext-passwords-pwned-in-myspace93-breach/5244024




