gawker.com and others hacked - Did they get your email/password?

Bokeh

How to check if your password was exposed in Gawker hack - Computerworld

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

mypcrepairguy

Thanks I was looking for a way to not DL the torrent and manually check for my info.

-Foxer-

I saw my username, but didn't see my email address. So that's kind of weird. Anyway, i'll probably check the password hash when I get home.

It's a pretty huge breach, and gawker has been saying that no passwords were compromised since they encrypt them, even though an article I read today already decrypted over 200K of them. Pretty crazy stuff.

dynamik

-Foxer- wrote: »

gawker has been saying that no passwords were compromised since they encrypt them

They were using DES: The Real Lessons Of Gawker’s Security Mess - The Firewall - the world of security - Forbes

eMeS

dynamik wrote: »

They were using DES: The Real Lessons Of Gawker’s Security Mess - The Firewall - the world of security - Forbes

That article is excellent.

Personally I'm somewhat unhappy with Gawker media lately. The post they made last week which appeared to be a thinly veiled encouragement for people to dl and use LOIC in support of Wikileaks made no sense to me for several reasons. Considering that plus now this security breach and their lame response to it I've made a decision to stay off of their sites.

MS

dynamik

Gawker's been going downhill for a couple years IIRC. I don't really pay attention to any of their sites anymore, but that seems to be the consensus from the more savvy internet users.

One of my addresses was unfortunately in the list. I think I created a Kotaku account eight years ago or so. However, I would have only been minimally affected by it, even in a worst-case scenario. The password was only shared amongst a few other forums and blogs, and I've changed all the ones that I remember/care about.

One thing I thought was really interesting was that LinkedIn froze my account and required me to reset my password before I could access the site again. I wish more organizations would take such a proactive approach to protecting their members.

eMeS

dynamik wrote: »

One thing I thought was really interesting was that LinkedIn froze my account and required me to reset my password before I could access the site again. I wish more organizations would take such a proactive approach to protecting their members.

The same thing happened to me. However, what was odd is that I didn't use the same email address on Gawker/LinkedIn.

MS

snadam

dynamik wrote: »

They were using DES: The Real Lessons Of Gawker’s Security Mess - The Firewall - the world of security - Forbes

that was a pretty good read, dynamik. Thanks for posting.