[Owasp-turkey] FW: Gawker Comment Accounts Compromised -- Important

Haluk Akin halukakin at gmail.com
Tue Dec 14 14:29:54 EST 2010


Merhaba,

Aşağıdaki emaili gawker hesabı olan arkadaşlar almıştır. Anlaşılan Gawker
şifreleri açık tutuyormuş ve çaldırmış.

Bugün bir de Linkedin'den de mesaj alanlar oldu muhtemelen. Şifrenizi
yenilemeniz gerektiğini yazdılar. Bu bir phishing mesajı değil, gerçekten
yenilemeniz gerekiyor. (Gerçi şu anda yenileme sayfaları çalışmıyor, sürekli
hata veriyor).

Gawker ve Linkedin'in mesajları arasında bir bağlantı var. Tam olarak
açıklamıyorlar ne olduğunu ama bir bağlantı olduğunu şu blog'a cevap olarak
yazmışlar:
http://www.centernetworks.com/linkedin-forcing-all-passwords-to-change


Hatta twitter'daki yorumlara bakılırsa Linkedin dün ve bugün ara ara siteyi
bile kapatmış:
http://twitter.com/#search?q=%23linkedin


Gawker ve Linkedin arasında nasıl bir bağlantı var bilmiyorum. Linkedin'deki
bütün şifreler çalındıysa özellikle firmalar açısından çok büyük bir breach
potansiyeli var. 

Haluk


-----Original Message-----
From: Gawker Media [mailto:help=gawker.com at mcsv177.net] On Behalf Of Gawker
Media
Sent: Tuesday, December 14, 2010 4:00 AM
To: halukakin at gmail.com
Subject: Gawker Comment Accounts Compromised -- Important

This weekend we discovered that Gawker Media's servers were compromised,
resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9,
Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name and
password associated with your comment account were released on the internet.
If you're a commenter on any of our sites, you probably have several
questions.

We understand how important trust is on the internet, and we're deeply sorry
for and embarrassed about this breach of security. Right now we are working
around the clock to improve security moving forward. We're also committed to
communicating openly and frequently with you to make sure you understand
what has happened, how it may or may not affect you, and what we're doing to
fix things.

This is what you should do immediately: Try to change your password in the
Gawker Media Commenting System. If you used your Gawker Media password on
any other web site, you should change the password on those sites as well,
particularly if you used the same username or email with that site. To be
safe, however, you should change the password on those accounts whether or
not you were using the same username.

We're continually updating an FAQ (http://lifehac.kr/eUBjVf) with more
information and will continue to do so in the coming days and weeks.

Gawker Media

==============================================
You are receiving this email because your email address was associated with
a Gawker Media user account. We are using this list only for the purpose of
sending you this important notification.

Unsubscribe halukakin at gmail.com from this list:
http://gawkermedia.us2.list-manage.com/unsubscribe?u=3c8e5d7d32e57d5b89c516c
3b&id=83042a99b7&e=3a3289d534&c=db43e1f179

Our mailing address is:
Gawker Media
210 Elizabeth St
Floor 4
New York, New York 10012



More information about the Owasp-turkey mailing list