Hack spurs mass password changes
Last weekend saw blogging network Gawker become the victim of a hack, resulting in a leak of user data. The passwords, email addresses and usernames of 1.3 million site users were published, which today spurred many major sites to force users to change their log-in details.
The attack is completely unrelated to the WikiLeaks revenge fiasco, with a group named Gnosis claiming responsibility. Targeting the blog and gossip site due to what they called ‘arrogance’, they also launched a spam attack on Twitter, which saw thousands of users seemingly raving about the health benefits of acai berries for a day.
However, the most shocking aspect of the hack is the revelation that 123456 was the most popular password among Gawker users. ‘Password’ was the second most used password, with 12345678 third. Other easy-to-guess terms such as abc123, qwerty, and 111111 were also in the top 10.
Although Gnosis only published the details for Gawker users, many other sites fear that because of the obvious nature of these passwords, their user accounts are also compromised; for example, a survey by IT security blog Sophos revealed that 33 per cent of respondents used the same password for several or all of their online accounts. In the past few days, social media sites Twitter and LinkedIn, and other sites including World of Warcraft and Yahoo, have begun asking users with non-secure passwords to change their details.
Gawker Media CEO Nick Denton is expected to meet with the FBI to discuss pressing charges, according to the New York Post.