By Charles Arthur
29 December 2010
Hackers had access to the gossip site Gawker's content management system
(CMS) and password files for around six months, rather than the few days
suggested by the company, the Guardian has learnt from sources connected
to the break-in.
That contradicts the indications given by Gawker in public statements,
such as an email sent out on 17 December by Thomas Plunkett, Gawker's
chief technology officer, in which he suggested that the hackers only
had access "briefly" to the site: "Gawker Media servers and some company
email accounts were compromised by hackers at some time during the last
few weeks; the compromise was made public to us (and everyone else) this
past weekend," Plunkett wrote in an internal memo which was reposted on
the Poynter.org website.
The hacking of Gawker and its associated sites led to the usernames,
email addresses and passwords of 1.3 million registered users of the
sites being made available . among them, those for Gawker staff
including its chief Nick Denton. The hackers discovered Denton had used
the same password for Gawker and for other sites such as Campfire, used
by his company to coordinate its work. That allowed them to access those
sites and find sensitive details including chats between members of the
Sources close to the hacking group Gnosis, which carried out the attack,
have told the Guardian that they obtained access to Gawker's server by
using a "local file inclusion" (LFI) weakness. Gawker has not previously
said whether the access was via a weakness in the Gawker site, via a
staff member's password, or some other means.
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.