NNSquad - Network Neutrality Squad
[ NNSquad ] How to (perhaps) check to see if Gawker compromised your email/password
How to (perhaps) check to see if Gawker compromised your email/password Hmm. So I received one of the "We screwed up and compromised your account" messages from Gawker (see below). Thing is, I don't recall ever creating an account on any of their properties. Perhaps a not-logged-in comment from time to time, but full accounts? Can't find a record of one in my own files either. Not that it really matters -- my passwords are all long psuedorandom strings, and they're different at each site. Still, I thought I'd try Slate's new "Have you been hacked?" Gawker data checker widget at: http://slate.me/fagU5y (Slate) Comes up zero for me there too. Good news -- I hope. Interesting. Just for jollies, you might want to check your likely email addresses whether or not you've received the Gawker doomsday letter yet. Slate swears they won't use your email addresses for evil. Good luck. --Lauren-- ----- Forwarded message from Gawker Media <help@gawker.com> ----- Date: Mon, 13 Dec 2010 20:59:37 -0500 From: Gawker Media <help@gawker.com> Subject: Gawker Comment Accounts Compromised -- Important Reply-To: Gawker Media <help@gawker.com> To: This weekend we discovered that Gawker Media's servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name and password associated with your comment account were released on the internet. If you're a commenter on any of our sites, you probably have several questions. We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security. Right now we are working around the clock to improve security moving forward. We're also committed to communicating openly and frequently with you to make sure you understand what has happened, how it may or may not affect you, and what we're doing to fix things. This is what you should do immediately: Try to change your password in the Gawker Media Commenting System. If you used your Gawker Media password on any other web site, you should change the password on those sites as well, particularly if you used the same username or email with that site. To be safe, however, you should change the password on those accounts whether or not you were using the same username. We're continually updating an FAQ (http://lifehac.kr/eUBjVf) with more information and will continue to do so in the coming days and weeks. Gawker Media ============================================== You are receiving this email because your email address was associated with a Gawker Media user account. We are using this list only for the purpose of sending you this important notification. ... Our mailing address is: Gawker Media 210 Elizabeth St Floor 4 New York, New York 10012 ----- End forwarded message ----- Lauren Weinstein (lauren@vortex.com) http://www.vortex.com/lauren Tel: +1 (818) 225-2800 Co-Founder, PFIR (People For Internet Responsibility): http://www.pfir.org Founder, NNSquad (Network Neutrality Squad): http://www.nnsquad.org Founder, GCTIP (Global Coalition for Transparent Internet Performance): http://www.gctip.org Founder, PRIVACY Forum: http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com Twitter: https://twitter.com/laurenweinstein Google Buzz: http://bit.ly/lauren-buzz