Archive for December, 2010

Online media company Gawker accounts(Passwords) have been attacked.

Posted in IT Security on December 20, 2010 by cobra

Antiquated encryption algorithm a key security flaw.

The recent theft of approximately 1.3 million account details from the servers of online media company Gawker has prompted password resets at a number of popular websites, including Yahoo, LinkedIn and World of Warcraft.

Social media site LinkedIn said it has identified a “very small fraction” of its members whose accounts could potentially be affected by the breach.

“As we closely monitored the situation, we decided it was imperative to take pre-emptive action to help ensure that those leaked passwords were not being used to attack any LinkedIn members,” Vincente Silveira, principal product manager at LinkedIn, wrote in a blog post.

Gawker disclosed last week that its servers were compromised by hackers to steal readers’ emails and passwords belonging to its properties, including Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot. The stolen passwords were posted on The Pirate Bay, a Swedish-based website that indexes BitTorrent files, allowing others to compromise user accounts.

A hacking group, Gnosis, has taken responsibility for the intrusion, the company said.

Please enter here to read the whole article on this phenomenon.

If you are more curious about this matter and would like to read about the full analysis of the breached data by researchers at two-factor authentication provider Duo Security, Please click here. (the same is available on the article itself)