A group going by the name of "Gnosis" has claimed credit for compromising the email addresses and passwords of some 200,000 registered users of Gawker Media services, a major on-line and blogging media company, over the weekend, reports this story at ComputerWorld. Other stories (like here and here) claim well over a million accounts have been compromised.
According to this message at Lifehacker, one of the sites compromised,
"This weekend we discovered that Gawker Media's servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot."
The ComputerWorld story goes on to say that:
"The compromised information is now available in a 487 MB file, which can be downloaded from peer-to-peer networks using a torrent now indexed on The Pirate Bay. Other information in the file includes something called 'gawker_redesign_beta.jpg' as well as Gawker's server kernel versions. "
A post at the Gawker site it says,
"The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change your Gawker password and on any other sites on which you've used the same passwords."
"We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us."
io9 is calling the event Hackerpocalypse.
And finally, this story at eWeek says that the compromised emails have already led to a spam campaign using Twitter. More spam and phishing attacks as well are probably likely.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.