FBI Investigating Gawker Hack
The Gawker hack that compromised the site's commenting system has caught the attention of the FBI. Investigators were scheduled to meet with Gawker editor Nick Denton Tuesday to discuss the breach, according to the New York Post.
"The FBI in New York is aware of these reports and is looking into it," an FBI spokesman said via e-mail.
At issue is a weekend hack that accessed Gawker's commentor database, which is home to about 1.5 million usernames, e-mails, and passwords. Gawker urged its users to change their passwords immediately, especially if they use that same password on other Web sites. The password vulnerability led to a Twitter spam attack on Monday.
"The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack You should change the password on Gawker (GED/commenting system) and on any other sites on which you've used the same passwords," Gawker said in a statement. "Out of an abundance of caution, you should also change your company email password and any passwords that might have appeared in your email messages."
A group that calls itself Gnosis has reportedly taken responsibility for the hack. The group told Mediaite that it "went after Gawker because of their outright arrogance." Gnosis pointed to a document in the Gawker logs that quoted Denton as telling 4chan to "bring it on." Though Gnosis said it is not affiliated with 4chan and actually said it doesn't "like being lumped in with 4chan," Gnosis said that Denton needs to have "the means to back yourself up" when making statements like that.
In a Monday tweet, Denton denied the quote. "Actually, not true. That was an unfortunate joke in an internal chat by Gawker writers," he wrote.
It's possible that Gnosis could have broken into Gawker's commentor accounts by simply guessing their passwords. The Wall Street Journal reports that the most common passwords for logging into Gawker Media sites were "123456" and "password." Wonder if your password would pass the test? Check out PCMag's How to Create Strong Passwords feature.
0 comments:
Post a Comment