Mumsnet reveals how it fell victim to Heartbleed


Mumsnet has released a statement detailing how it discovered it was open to the Heartbleed OpenSSL vulnerability.

On 8 April, when the first sites were affected by the Heartbleed OpenSSL vulnerability, the company ran some tests to see if it was open to an attack, and on 9 April it patched the holes it believed hackers would use to access systems.

However, on 11 April, a message was posted on one of the website's forums, purportedly from the site's CEO, Justine Roberts.

Despite the patch being successfully applied, the hackers used data scraped before its application to make the fraudulent post.

It made some odd statements about the site's users, claiming they were "unreasonable and petty."

The post went on to claim Roberts would be closing the site down or selling it, finishing with: "I'm putting this grothole up for sale and spending the money on dogecoin. Probably a more sensible thing to do than run this place any longer."

Mumsnet was very quick to announce that this wasn't the company's CEO and that hackers had taken advantage of the Heartbleed vulnerability, bypassing the patches the company had put in place.

Shortly after, other Mumsnet accounts were used to post messages containing the string: "All your base are belong to us."

The Heartbleed vulnerability had allowed hackers to steal usernames and passwords and to post messages from user accounts. Thirty usernames and passwords were then posted to the text-sharing site Pastebin, prompting Mumsnet to change user passwords to prevent any more damage occurring.

The blog post on Mumsnet said that, although nothing malicious happened, it seems the vulnerability was used to highlight the security risk posed by Heartbleed.

It advised its users: "The internet is brilliant, but nobody can guarantee it's 100 [per cent] safe and secure - EVER. Whenever you share anything on the web, either publicly (such as on a Mumsnet thread) or privately (such as the data you give to a website when signing up), have a think about how happy you would be for that information to get into the hands of a hacker.

"Make your passwords as secure as possible and change them every few months ('passwords are like underwear; change them often'). Use different passwords for different accounts. Close redundant accounts that you no longer use."

Yesterday, security experts warned the volume of companies trying to patch holes exposed by the vulnerability could severely slow down the internet.

Clare Hopping
Freelance writer