GAWKER MEDIA HAS ISSUED a warning to people who comment on its websites that their password and user information was published online at the weekend
Gawker says its servers were compromised, resulting in a security breach. Passwords of around 1.3m registered users to the group’s sites were accessed and published online.
The breach affects nine of the group’s websites: Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot, according to a statement from Gawker.
Registered users should assume their information was included in the leaked data.
Gawker advised users to change their passwords immediately:
This is what you should do immediately: Try to change your password in the Gawker Media Commenting System. If you used your Gawker Media password on any other web site, you should change the password on those sites as well, particularly if you used the same username or email with that site. To be safe, however, you should change the password on those accounts whether or not you were using the same username.
Security updates and further information are being posted regularly on Lifehacker.
The Guardian reports that a group calling itself Gnosis claimed responsibility for the Gawker attack, apparently in retaliation to a number of unfavourable Gawker blogposts about 4Chan.
The Guardian also reports that the hackers may have benefited from a security setting within Gawker: “Gawker made the hackers’ task simpler: if a user entered a password with more than eight characters, it dropped those after the eighth – dramatically limiting the scope of the attack required”.
Some users who had used the same passwords for their Gawker and Twitter accounts, afterwards had their Twitter accounts hacked and scam tweets regarding “acai berries” were sent out.
To embed this post, copy the code below on your site
have your say