Gawker Media Hack: Everything You Need To Know

Hackers on Sunday night broke into Gawker Media's servers and grabbed the login credentials for millions of the company's readers who leave comments on sites such as Gawker, Lifehacker, Jezebel, and Kotaku. The hack appears to the work of a group calling itself "Gnosis" (an ancient Greek term meaning 'mystical knowledge').

"We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems," a Gawker representative said in a blog post Monday morning. Gawker was alerted to the hack once Gnosis published a post on Gawker (since taken down), according to The New York Times.

If you have ever signed up to post comments on any of Gawker Media's nine sites (listed below) then you should immediately log into the site and change your password. You should also change the passwords for any sites where you use the same password, since the exposed password leaves you vulnerable to attack on other sites. Here's everything you need to know about the recent Gawker Media hack.

Who are the people behind Gnosis?

It's been speculated that Gnosis members may be users of the 4chan message board, since Gawker had previously engaged in a feud with 4chan users, according to The Next Web. However, Mediaite has an interview with someone claiming to be a representative from Gnosis who said the group has no relation to 4chan. The person also told Mediaite that Gnosis had attacked Gawker because of the site's "outright arrogance."

Gnosis does not appear to be related to Anonymous, another hacker group responsible for the recent attacks against MasterCard, Visa and PayPal over the WikiLeaks debate as well as past attacks against the Church of Scientology.

What kind of information was stolen?

The hackers were able to grab the e-mail addresses and password information for nearly 1.3 million Gawker users (people registered to leave comments), and the source code for Gawker Media's custom-built content management system, according to Mediaite.

Most of the passwords were encrypted, but more than 200, 000 registered commenter accounts were cracked. The hackers were also able to release a list of Gawker employee user names and passwords including credentials for Gawker founder Nick Denton.

What is being done with the stolen information?

Some of the stolen login credentials (including the 200,000 decrypted passwords) are now part of a 500MB torrent file that is widely available for download using a BitTorrent client such as Vuze.

Which sites are affected?

This hack included credentials for all Gawker Media sites including Deadspin, Fleshbot, Gawker, Gizmodo, Jezebel, io9, Jalopnik, Kotaku, and Lifehacker.

Who should change their password?

The company is advising anyone who has a commenting account at any of the sites above to change their passwords as soon as possible. Lifehacker has a detailed FAQ with instructions on how to change your password.

I use the same password on Gawker as I do for my bank, what should I do?

You should make sure that every site you use (especially the more sensitive ones such as e-mail, financial accounts, and major social media services such as Facebook, MySpace, and Twitter) has a unique and difficult-to-guess password.

For help on password security check out PC World's numerous password protection guides such as The Art of Creating Strong Passwords, Advice on Secure Passwords and How To Protect Your Online Passwords.

If you have a hard time remembering passwords, then you should also consider using a password manager such as LastPass (my personal favorite), 1Password or KeePass.

I log in to Gawker with Twitter, am I in the clear?

No. Around midnight Monday morning, Twitter was warning users who had linked their Twitter accounts to Gawker to change their Twitter passwords. It appears some Twitter accounts are tweeting out the terms "Acai Berry" or something similar after a worm designed to send out spam infected their accounts. Twitter said this worm attack appears to be related to the Gawker incident. To protect yourself from the worm all you have to do is change your password.

What about if I log in with Facebook Connect?

If you've logged in to Gawker using Facebook Connect you should not be affected, as Gawker does not have access to your Facebook login credentials.

Credential theft like this can be annoying, but it is also a part of online life. One of the best ways to protect yourself is to make sure you never use the same password on multiple sites. And never use simple passwords such as "1234" or "Password," which apparently some Gawker users were doing.

Connect with Ian Paul (@ianpaul) and Today@PCWorld on Twitter for the latest tech news and analysis.

Subscribe to the Security Watch Newsletter

Comments