IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Gawker passwords pilfered in server hack

Gawker users are advised to change their passwords following a hack.

Data security

Gawker Media has admitted passwords were stolen in a hack on its user databases.

Whilst the stored passwords were encrypted, Gawker said, simple ones may still be vulnerable to a brute force attack, where constant attempts to crack the key are made until the hackers are successful.

Users have been advised to change their passwords for Gawker websites and for any other site on which they use that same password.

"We're deeply embarrassed by this breach," a note on the Gawker website read.

"We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us."

Other Gawker sites include Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot.

"We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security - and of trust," a separate note on Lifehacker read.

"We're working around the clock to ensure our security (and our commenters' account security) moving forward."

A group going by the name of Gnosis has claimed credit for hacking Gawker's servers, reportedly posting a file on the Pirate Bay.

The file contained numerous passwords, including those of Gawker founder Nick Denton.

As yet, there has been no definite link between Gnosis and the Anonymous hacker group who have been going after anti-WikiLeaks services.

A related Twitter hack?

Following the Gawker compromise, hundreds of thousands of Twitter accounts were hacked as well.

Del Harvey, Twitter's director of trust and safety, said she suspected these new hacks used the same passwords as those taken from Gawker.

The hacked Twitter accounts have been used by spammers to send messages attempting to direct users to a supposed acai berry diet website.

"Got a Gawker acct that shares a PW w/your Twitter acct? Change your Twitter PW. A current attack appears to be due to the Gawker compromise," Harvey wrote on her own Twitter page.

"In other words: the acai berry attack looks to be connected w/the Gawker hack rather than a worm."

Ethical hacker Jason Hart, senior vice president at CRYPTOcard, told IT PRO hacks like the one against Gawker are becoming easier to carry out.

"With the ease of hacking and cracking passwords, there need to be additional layers of security," Hart said.

"Encrypting passwords does not prevent brute force attacks."

Sophos has told web users to mix up their passwords for added security.

According to a Sophos poll carried out last year, a third of respondents said they used the same passwords for all of their online accounts.

Just a fifth used different passwords for all their various accounts.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to incorporate password protection into your security strategy
Sponsored

How to incorporate password protection into your security strategy

3 Aug 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022
The psychology of secure passwords
Sponsored

The psychology of secure passwords

14 Jul 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022