Companies React Proactively to Gawker Security Breach to Protect Customer Accounts

I’ve had to change a lot of passwords in the last two weeks.

I had a Macbook stolen one weekend and then this weekend my login data was among the 1.3 million usernames and passwords compromised when hackers broke into Gawker Media’s servers and stole everything they could get their hands on. The hackers were able to access and download user data, CMS source code, and more from the servers and then posted it to torrent sites for anyone to download. If you’ve ever commented on any of Gawker’s hugely popular sites such as Gizmodo, Lifehacker, or Deadspin your credentials are most likely in there. (Find out for sure using Slate’s checker.) This is a huge security breach and could impact Gawker Media’s industry dominance as they must work to regain the trust of their readers and commenters.

Meanwhile, a few other companies are taking this opportunity to not only protect their customers’ accounts, but also demonstrate that they’re concerned about data security and grab some positive PR as well. Companies such as LinkedIn and Amazon have mined the stolen Gawker data for email addresses matching their customer accounts and automatically reset their passwords. This proactive step not only protected customers but will also reduce a lot of upcoming customer service hours needed to handle and fix hacked accounts or return fake orders. It also prevents customers unaware of the incident with Gawker from misplacing blame if their accounts were compromised.

Continue reading “Companies React Proactively to Gawker Security Breach to Protect Customer Accounts”

Don’t Obfuscate URLs on Your Website

Link shorteners have been around for years but their common use has exploded due to Twitter and it’s 140 character limit. Unfortunately, more and more content editors and bloggers have begun using them on their websites as well.

Sure, nobody likes a 200 character long, unintelligible URL. Your website visitors like being surprised by where they end up after clicking a link even less.

Providing your site visitors with information on the domain and page a link will take them to is a critical user experience best practice. The more they know about what they’re about to click on the more likely they are to actually click the link. Which link to this blog’s Twitter archives shown below are you more likely to click on?

Full length:­twitter/

The full path of a link informs the visitor about the destination domain and page name, along with some basic info about where the page is within the site and what type of file they’re about to load. The only thing worse than using shortened links on your website would be using a shortened link to surprise a visitor with a 65 megabyte PDF that crashes their browser.

Tiny URLs have their place, but it’s not on your website.