Skip to main content

Gawker hacked, 1.5 million accounts compromised

gawker-hack-attack-millions-of-accounts-compromised
Image used with permission by copyright holder

As seems to be the norm lately, Gawker was hacked and taken down this weekend by a group with loose ties to 4chan, the Internet equivalent of a pirate island. All Websites under the Gawker Media brand–Lifehacker, Gawker, Gizmodo, Jezebel, io9, Jalopnik, Kotaku, Fleshbot, Deadspin–were affected by the attack as well. 1.5 million usernames and passwords were compromised in the attack. After taking over the Gawker site, the hackers who call themselves “Gnosis” published the passwords of site staff members and published a long list of users whose password was “password.” Having a good time, the hackers shared bits and pieces of Gawker’s custom CMS source code as well.

Below is a quote from one of the hackers, posted on Mediaite.

Recommended Videos

“We went after Gawker because of their outright arrogance. It took us a few hours to find a way to dump all their source code and a bit longer to find a way into their database. We found an interesting quote in their Campfire logs:

Hamilton N.: Nick Denton Says Bring It On 4Chan, Right to My Home Address (After
The Jump)

Ryan T.: We Are Not Scared of 4chan Here at 210 Elizabeth St NY NY 10012

I mean if you say things like that, and attack sites like 4chan (Which we are not affiliated to) you must at least have the means to back yourself up. We considered what action we would take, and decided that the Gawkmedia “empire” needs to be brought down a peg or two. Our groups mission? We don’t have one.

We will be releasing the full source code dump along with the database at 9PM GMT today. You are the only outlet we have told the release time.”

While initially denying the attack, Gawker has issued an apology to its users on all of its sites, urging them to change their passwords because of the attack. Though passwords were encrypted, simple passwords (such as “password”) may be cracked by group, which has a complete copy of the entire account database.

“We understand how important trust is on the internet, and we’re deeply sorry for and embarrassed about this breach of security—and of trust,” said Lifehacker. “We’re working around the clock to ensure our security (and our commenters’ account security) moving forward. We’re also committed to communicating openly and frequently with you to make sure you understand what has happened, how it may or may not affect you, and what we’re doing to make sure this never happens again.”

If you have ever commented on any of the Gawker sites, we recommend that you go and change your password. What do you think of this rise of Internet hacking groups? Is it better when hacking is done in the dark or when it’s out in the public like this and Operation Payback?

Topics
Jeffrey Van Camp
Former Digital Trends Contributor
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…
Thomson Reuters lands copyright win against AI company. What’s next?
Thomson Reuters website as seen on an iPhone 16 Pro.

The first landmark win in an AI copyright case is here. A Delaware court has ruled that a tech startup used copyright-protected material to build a competing AI-based legal product, which is against the law, handing over a remarkable win to Thomson Reuters.

This is the first major victory for a plaintiff fighting against an AI company over what constitutes “fair use” of material owned by another entity. The parent company of the Reuters news agency has been tangled in a lengthy legal case against Ross Intelligence, an AI company that lifted material from Thomson Reuters’s Westlaw platform.

Read more
Apple has a chance to correct one of its biggest mistakes — and it could happen imminently
A man wears an Apple Vision Pro headset.

Stop me if you’ve heard this one before: Apple’s Vision Pro headset is too expensive. OK, it’s not exactly an unusual sentiment, but something has just happened that could mean Apple is about to take action on this stickiest of sticking points. Indeed, if it comes to pass, Apple might go some way to putting right one of its biggest recent missteps.

Here’s the deal. Bloomberg’s Mark Gurman recently took to X to announce his belief that Apple would have some Vision Pro-related news to announce this Friday. Gurman didn’t say what that revelation would be exactly, but if Apple is reaching out to the press, it could suggest that something big is about to go down.

Read more
This tech can end QR code scams, if only Google and Apple pitch in
Scanning a QR code using a phone.

The most successful digital scam is one that is tied to convenience. QR codes, which are used for everything from sharing contacts to making payments, are an ideal vector. In India, which runs the world's largest digital payment system, QR code scams have become a regular nuisance.

I regularly hear from retail shop owners and cab drivers about how they were duped using a fake QR code or app, and similar is the tale of online shoppers. Parking lot QR scams are also rampant in the US and UK, but stealing a few dollars is not the only risk.

Read more