Gawker Source Code and Databases Compromised

Posted by samzenpus on Sunday December 12, 2010 @10:59AM from the let's-see-what-we-have dept.

An anonymous reader writes "Passwords and personal data for 1.3 million Gawker Media readers — this includes readers of sites like Gizmodo, Lifehacker, Kotaku, and io9 — have been released as a BitTorrent by a group of hackers called Gnosis, who also managed to gain access to both the Gawker CMS and Gizmodo's Twitter account. Gawker confirms and urges readers to change their passwords: 'Our user databases do indeed appear to have been compromised. The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change the password on Gawker (GED/commenting system) and on any other sites on which you've used the same passwords. Out of an abundance of caution, you should also change your company email password and any passwords that may have appeared in your email messages. We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems.'"

2 of 207 comments (clear)

Min score:

Reason:

Sort:

The torrent file... by Anonymous Coward · 2010-12-12 11:15 · Score: 5, Informative

http://thepiratebay.org/torrent/6034669
1. Re:The torrent file... by zonker · 2010-12-12 12:10 · Score: 5, Informative
  
  Someone uploaded the database to Google's Fusiontable's for you to search for your info against:
  http://www.google.com/fusiontables/DataSource?dsrcid=350662
  Instructions for use:
  1. Get the MD5 of your email address (lowercase)
  - Online: http://pajhome.org.uk/crypt/md5/
  - Shell: $ echo -n mylowercase@email.com|md5sum
  2. Search for the hash (via Show Options)
  3. Change your password
  By the way for Mac users like me that command won't work. Try md5 -r instead of md5sum
  
  --
  Large print giveth, and the small print taketh away