The serious hack of Gawker Media’s servers that exposed end user password and email information is now being investigated by the FBI, according to reports.
A group known as ‘Gnosis’ has taken credit for the attack, and put the data it swiped into a file that was initially available via The Pirate Bay.
Rumours of the hack began to circulate 11 December, and Gawker confirmed them with a warning a day later. According to the company, the breach impacted users of several sites, including users of Gizmodo, Gawker and Deadspin. In addition, the attackers made off with usernames and passwords for Gawker’s staff, as well as Gawker’s source code and chat logs of discussions between employees.
The password information was encrypted, but was still vulnerable to being cracked – a fact underscored by the subsequent compromise of Twitter accounts belonging to some users. Many of those passwords were simplistic – an analysis by Duo Security found the most common passwords were “123456” and “password.”
“(The) number one best practice is never use a word that can be found in the dictionary,” he said. “A simple way to create a hard to guess password is to use the first letter of each word in a phrase. ‘When IT Rains it Pours’ becomes WIRIP. Add a number to make it eight characters long – WIRIP421. Change the “I” to “!” and you have a pretty strong password you can remember: W!R!P421. Do that for sites you pay for and ones that are important to you.”
In a ‘Frequently Asked Questions’ posted in response to the incident, Gawker advised users to reset their passwords. In addition, the company said it is bringing in an independent security firm to improve its infrastructure security.
After the United States imposes 100 percent tariffs on certain Chinese goods, Europe widens its…
OpenAI strikes deal with Reddit to train its AI tech on user posts and give…
Global spending spree from Microsoft continues, with huge investment for new data centre to drive…
Workforce blow. Newly privatised Toshiba has embarked on a 'revitalisation plan' that will entail the…
European Commission opens an official child safety investigation into Facebook and Instagram-owner Meta Platforms
Hundreds of AI and cloud engineers are being offered relocation out of China by Microsoft,…