MySpace employees used internal ‘Overlord’ tool to spy on users and ex-lovers, bombshell report reveals
- A new report details a tool used by MySpace employees to monitor user activity
- About a decade ago ‘Overlord’ was used to read messages and view passwords
- Motherboard reports that some employees used it to stalk their exes
- The misuse of Overlord offers a stark parallel to today’s social platforms
MySpace workers abused a company tool called ‘Overlord’ to read users’ messages and even see their passwords about during the platform’s heyday, a new report reveals.
The tool was originally developed to moderate the platform, help comply with law enforcement, and execute copyright take-down.
But according interviews with former employees of the platform, published in Motherboard this week, it was misused in the mid-2000s.
One Myspace employee described the tool as the ‘entire backdoor to the Myspace platform.’
In certain cases, that misuse involved spying on exes according to one anonymous former employee interviewed by Motherboard.
An explosive new report reveals MySpace employees used a backdoor tool to spy on loved-ones
‘The tool was used to gain access to a boyfriend/girlfriend’s login credentials,’ said a source in the report.
Employees interviewed by Motherboard say that abuse was often quickly uncovered by managers responsible for overseeing employees’ activity and anyone caught misusing Overlord was immediately fired.
Employees were also given training on how and when to use the tool before they were given the keys to users’ seemingly private information.
Still, the revelation draws a stark parallel to many of today’s privacy breaches, many involving the social media giant Facebook, which eclipsed MySpace to become the platform of choice around the world.
WHAT IS MYSPACE’S ‘OVERLORD’ TOOL?
A new report by Motherboard details a tool called ‘Overlord’ which was used by MySpace employees to monitor user activity.
While the tool was initially supposed help track copyright activity and help appease law enforcement requests, it was abused by some employees.
Former employees say that Overlord was misused by the company to read direct messages and sometimes look at users’ credentials.
The abuse of Overlord hearkens to several controversies surrounding today’s biggest social platforms including Facebook and Instagram.
Similar to a recent privacy scandal involving Facebook, MySpace made the dubious choice of storing Instagram users’ passwords in plaintext instead of a ‘hashed,’ or encrypted, format.
The choice not only opened users up to malicious attacks, but also allowed MySpace employees to easily read credentials.
Motherboard also reported last year that Facebook terminated employees who used inside data and access through his position at the company to stalk women.
According to Hemanshu Nigam, who was Myspace’s Chief Security Officer from 2006 to 2010, all social media platforms currently has a tool similar to Overlord.
‘Every company has it… Whether it’s for dealing with abuse, or responding to law enforcement or civil requests, or for managing a user’s account because they’re raising some type of issue with it,’ Nigam told Motherboard.
MySpace which still operates – albeit at a much smaller scale than its apex – still uses the tool though according to one source interviewed by Motherboard, only a ‘very small number of employees’ have access.