
Heartbleed Hackers Hit Mumsnet

Mumsnet, a forum site for mothers, has confirmed user data may have been leaked as a result of hackers using the Heartbleed flaw that has caused a panic over the last week.

The company said it had discovered on Friday that Heartbleed, a vulnerability in the OpenSSL form of web encryption, was used by hackers to access data from Mumsnet users’ accounts.

Heartbleed leaks

“On Thursday 10 April we at MNHQ became aware of the bug and immediately ran tests to see if the Mumsnet servers were vulnerable. As soon as it became apparent that we were, we applied the fix to close the OpenSSL security hole (known as the Heartbleed patch). However, it seems that users’ data was accessed prior to our applying this fix,” a post on the Mumsnet site read.

“We have no way of knowing which Mumsnetters were affected by this. The worst case scenario is that the data of every Mumsnet user account was accessed.”

Mumsnet founder Justine Roberts told BBC News this morning that she does not believe the compromised data has been used maliciously, as it appeared the hackers used the attack as a warning.

The hackers used the compromised accounts, including the one belonging to Roberts, to send their warning message.

Nevertheless, all users have been told to change their passwords. “We actually think Mumsnet users are safer than most, because we immediately implemented a forced password change,” Roberts added, saying she believed more organisations would soon come forward to admit Heartbleed-based breaches.

The Canada Revenue Agency, the tax collecting body, said 900 people’s social security numbers had been accessed by hackers using the Heartbleed vulnerability.

Security company Symantec has noted the Heartbleed flaw affects numerous machines, including those automated devices that form the Internet of Things. “Heartbleed equally affects client software such as Web clients, email clients, chat clients, FTP clients, mobile applications, VPN clients and software updaters, to name a few. In short, any client that communicates over SSL/TLS using the vulnerable version of OpenSSL is open to attacks,” said Symantec’s Eric Chien, in a blog post.

“In addition, Heartbleed affects various other servers aside from Web servers. These include proxies, media servers, game servers, database servers, chat servers and FTP servers. Finally, hardware devices are not immune to the vulnerability. It can affect routers, PBXes (business phone systems) and likely numerous devices in the Internet of Things.”

Various IT suppliers are rushing to get together OpenSSL fixes. The latest to issue patches was VMware, which said in an advisory that a number of its products were affected.


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
