Gawker Data Breach Results In Huge Data Theft

Online publisher Gawker Media has admitted that its servers were hacked into over the weekend and that user account names and passwords have been stolen.

Gawker is a media and technology blog-site. It posted a message urging users to change their passwords, as well as those for any other Internet accounts that may have been using the same details.

“Our user databases appear to have been compromised,” said the message. “The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change your Gawker password and on any other sites on which you’ve used the same passwords.”

Deeply Embarrassed

“We’re deeply embarrassed by this breach,” Gawker added. “We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us.”

Gawker is advising all commenters with Gawker Media accounts to change their passwords, and if they use the same password for other online accounts, to change those passwords as well.

It is believed that the login information for commenter accounts at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot could also be compromised as a result.

And according to The Next Web, a group calling itself Gnosis has also stolen the passwords for about 200,000 registered Gawker users, which are now apparently available at The Pirate Bay. Although the passwords were encrypted, they have apparently been cracked.

Meanwhile, security expert Sophos said that this attack should remind computer users of the importance of maintaining different, hard-to-guess passwords for all their online accounts.

Password Apathy

Sophos said that the security breach has now been linked to a widespread spam campaign on Twitter. “As many as 1.3 million account details are believed to have been stolen from Gawker’s servers, and have since been posted on sites like Pirate Bay,” said Sophos.

“Hundreds of thousands of Twitter accounts appear to have been compromised by hackers, who have spread spam promoting an Acai Berry diet,” said Sophos. “According to Del Harvey, Twitter’s director of trust and safety, the messages seem to have been posted from accounts where users were using the same password on both Twitter and Gawker.”

“The key issue here is that too many users – as much as a third – are still using the same password for every website they access,” said Graham Cluley, senior technology consultant at Sophos. “Once one password has been compromised, it’s only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain. Password security is becoming more important than ever. Make sure that you’re taking the issue seriously, or suffer the consequences.”

In a poll of 676 computer users in March 2009, Sophos found that 33 percent used the same password all the time, 48 percent used a few different ones and only 19 percent never used the same passwords for different websites.

Ongoing Attacks

The Gawker attack comes at a time of heightened concern due to the ongoing DDoS attacks on WikiLeaks’ opponents. Amazon said today that the downtime on its sites in Europe was due to hardware problems, and was not a WikiLeaks cyber-war attack.

Indeed, the fact that major sites like MasterCard and Visa can be blocked through concerted effort will worry online sites owned by companies or governments.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
