Originally posted here by [WebCarnage]
If your talking about what i'm thinking about. Then it isn't a security flaw at all, just a lame way to spam porn.

Basically companies are registering tons of SN's. And using bots to mass IM.

Imagine brute forcing, but instead of one username and trying combinations of passwords, its one service (AIM/ICQ) and trying combinations of working/online Screen names. If you're offline, or the SN just doesn't exist, they just try the next letter, number, whatever - do this enough times and your SN will eventually come up.
hes right, and many companies go to chat rooms with bots and have them auto-collect user names via messaging them.