By LESLIE HORN / PCMag.com
If you’ve ever commented on one of the Gawker Media sites, you might want to change your password. According to Mediaite, Gawker’s commenter database has been hacked.
The database is home to about 1.5 million usernames, emails, and passwords. Gawker originally denied that there had been a breach.
“No evidence to suggest any Gawker Media’s user accounts were compromised, and passwords encrypted anyway,” tweeted Gawker editorial directer Scott Kidder.
However, Kidder eventually confirmed the hack.
“Our user databases do indeed appear to have been compromised,” he said in a note on the site. “The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack You should change the password on Gawker (GED/commenting system) and on any other sites on which you’ve used the same passwords. Out of an abundance of caution, you should also change your company email password and any passwords that might have appeared in your email messages.”
“We’re deeply embarrassed by this breach,” Kidder continued. “We should not be in the position of relying on the goodwill of hackers who identified the weakness in our systems. And yes, the irony is not lost on us.”
An unknown and unverified source said in a note to Mediaite that the hack was motivated by Gawker’s haughty behavior.
“We went after Gawker because of their outright arrogance,” the source said. “It took us a few hours to find a way to dump all their source code and a bit longer to find a way into their database.”
The source said that it had found a conversation in Gawker’s Campfire logs in which Gawker staff said that they were “not afraid of [hacker community] 4chan.”
HarperCollins recently dropped the lawsuit it had brought against Gawker for reprinting pre-released portions of Sarah Paln’s book “America by Heart.” In exchange, Gawker agreed to remove the original post that featured the leaked excerpts from the book.