TechSpot

1.3 million Gawker emails and passwords available in a torrent

By Matthew
Dec 14, 2010
Post New Reply
  1. Gawker Media suffered a massive security breach on Sunday night after the email addresses and passwords for more than a million members leaked online. A hacker group dubbed "Gnosis" has claimed credit for publishing the information, which is now available as a 487MB torrent download.

    Read the whole story
     
  2. lawfer

    lawfer TechSpot Paladin Posts: 1,272   +91

    123456...

    Really?
     
  3. KG363

    KG363 TS Enthusiast Posts: 524   +9

    facepalm.jpg
     
  4. lchu12

    lchu12 TS Enthusiast Posts: 199   +9

    One word: "owned"
     
  5. Emin3nce

    Emin3nce TS Rookie Posts: 129

    i mean, figuratively

    0n3tw0thr33f0uRF1v3s1XXX is a good password... but, **** you leetspeak.
     
  6. mario

    mario Ex-TS Developer Posts: 399   +17

    My account was compromised, I even downloaded the torrent to recheck
     
  7. KarbonKopy

    KarbonKopy TS Rookie

    They got mine, but only my username and email, my password is just gibberish. Good luck cracking that heh....
     
  8. trparky

    trparky TS Rookie Posts: 70   +9

    You mean to tell me that the passwords weren't encrypted? WTH?
     
  9. Matthew

    Matthew TechSpot Staff Topic Starter Posts: 6,087   +84 Staff Member

    "Users who log into Gawker sites via Twitter or Facebook don't have to worry about their data, and while all of the standard account passwords were originally encrypted, nearly 200,000 weak ones have already been decoded. The WSJ has analyzed the cracked passwords revealing a scary trend."
     
  10. madboyv1

    madboyv1 TechSpot Paladin Posts: 964   +49

    I don't log into any of those sites, but it's still scary stuff. the 12345/123456 passwords remind me of Spaceballs... lol
     
  11. First they expose my password to hackers, then when I go to delete my Gawker account (which I haven't used in ages), I get the following:

    "We understand how important trust is on the web, and some of you may wish to delete your Gawker Media account. Currently account deletion is not available. We will, however, give you this option as soon as possible."

    Which I translate to:

    "We understand how important it is for us to keep our numbers up, and we're scared s---less that a significant portion of our readership is going to abandon us, so we're not going to allow them to do so."

    Nice ethics, Gawker
     
     
  12. They won't allow account deletion probably because who knows who might have access your account (passwords were stolen right?) and delete it.
     
  13. Matthew

    Matthew TechSpot Staff Topic Starter Posts: 6,087   +84 Staff Member

    Aye. I'm sure there are plenty of reasons why they wouldn't let you delete your account at the moment. Slow down on the assumptions and be patient.
     
  14. madboyv1

    madboyv1 TechSpot Paladin Posts: 964   +49

    The most likely reason they don't want people deleting their accounts is since the user data is floating out there, anyone who can decrypt passwords or has a list of decrypted passwords could go to the site and start mass deleting users as an act of vandalism.

    Locking the delete function is likely to keep that from happening, though I suppose such a measure is a shoddy one at best, and those who have control over compromised users can vandalize these sites with spam/ad posts... it's basically a lose lose unless they can come up with a way to figure out which user/computers are the legitimate owners of the account.

    Also, this comic is quite relevant lol... http://xkcd.com/792/

    edit: that's what I get for sitting in the post reply page for an hour... lol
     
  15. Kibaruk

    Kibaruk TechSpot Paladin Posts: 1,417   +116

    I find this more than good, first to let the companies that manage our passwords and private data to keep security at bay and not take anything for granted, on the other hand a facepalm for dumb users who think their passwords are clever, the only thing thats left right now is iamgod or superuser or crap like that.

    I once read a good way to make secure passwords and that way is to think of a phrase like... My birthday is January 10 and I was born on 1990, and get first letters and numbers, MbiJ10aIwbo1990 for example.
     
  16. Just adding an uppercase letter, or a symbol or a mix of letter and numbers would make a huge difference, even to these simple passwords. It seems though like passwords may no longer be the best way to secure logins. Maybe we need to use certificate based logins or some other method.
     
  17. j05hh

    j05hh TS Rookie Posts: 99   +15

    rofl, i can't help but laugh at people who choose passwords like 123456 or "password" common people. Get with the 20th century.
     
  18. Damn and I was so sure my password was on the list. So what the hell was it ? I hope they crack it soon lol.
     
  19. Zilpha

    Zilpha TS Enthusiast Posts: 349

    We just need another "Hackers" movie to raise awareness. I don't see love, sex, secret or god on there.

    But still - just wow. How can people really be that careless?
     
  20. demonlord721

    demonlord721 TS Member Posts: 23

    For those of you who got the message "Deletion of accounts is no longer available" that is for your protection not for gawkers statistics, if the hacker decided to they could have gone in and deleted everyones accounts.
     
  21. How is a hacker deleting my account worse than a hacker using my account to spam the comment forums? If I keep my account and use a new password, why should I trust Gawker to protect the new password on my account better than they did the last one? I want out. Let me out.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.