The details of millions of Myspace users seem to have been stolen in yet another major hacking incident, with their passwords being vulnerable to decryption—and apparently on sale now.

Yes, this musically-inclined social network may not be the hit it once was, but if you tend to reuse your passwords across sites and over the years, here’s yet another reason to switch them up.

The hack was reported on Friday by LeakedSource, the same searchable repository of hacked account information that recently added the details of up to 167 million LinkedIn users.

According to Motherboard, a notorious hacker called Peace has put the Myspace data up for sale in an underground market, for the price of 6 bitcoins (around $3,200 at the time of writing). Peace did the same with the LinkedIn data, albeit at a slightly lower price.

There were 360 million user records in the Myspace stash, but only 111 million had usernames. (At its peak, around eight years ago, Myspace reportedly had 75.9 million regular users.) Other information in the records included email addresses and one or two passwords—the total number of passwords was just over 427 million.

I confirmed with LeakedSource that the database contains my old Myspace login details. The site gave me my unencrypted Myspace password (which I have now changed), showing how easily they were able to remove its protections.

“The methods Myspace used for storing passwords are not what internet standards propose,” a LeakedSource blog post read, describing the encryption as “very weak.”

The site’s administrators told me they know of “dozens of people” who have this dataset.

They think it dates back years, but it’s not clear when the apparent hack took place, or who was responsible. LeakedSource’s operators deny hacking or condoning hacking, and say someone using the alias “Tessa88” passed them the database.

As security researcher Troy Hunt noted, indications arose a couple months back of people receiving spam emails to accounts they only ever used for Myspace:

Interestingly, LeakedSource suggested that more than 850,000 of the accounts seem to have been automatically generated—they all shared the same password, “homelesspa,” and all had similar email addresses.

As you can probably guess, the most popular real passwords in the stash are “password1,” “abc123” and “123456.” People, don’t do this.

Myspace itself had not provided any comment at the time of writing. Fortune‘s proprietor, Time Incorporated, bought Myspace parent Viant Technology earlier this year.

This article originally appeared on Fortune.com

The Leadership Brief. Conversations with the most influential leaders in business and tech. Please enter a valid email address. Sign Up Now Check the box if you do not wish to receive promotional offers via email from TIME. You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy . This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Thank you! For your security, we've sent a confirmation email to the address you entered. Click the link to confirm your subscription and begin receiving our newsletters. If you don't get the confirmation within 10 minutes, please check your spam folder.

Contact us at letters@time.com.