I’ve had to change a lot of passwords in the last two weeks.
I had a Macbook stolen one weekend and then this weekend my login data was among the 1.3 million usernames and passwords compromised when hackers broke into Gawker Media’s servers and stole everything they could get their hands on. The hackers were able to access and download user data, CMS source code, and more from the servers and then posted it to torrent sites for anyone to download. If you’ve ever commented on any of Gawker’s hugely popular sites such as Gizmodo, Lifehacker, or Deadspin your credentials are most likely in there. (Find out for sure using Slate’s checker.) This is a huge security breach and could impact Gawker Media’s industry dominance as they must work to regain the trust of their readers and commenters.
Meanwhile, a few other companies are taking this opportunity to not only protect their customers’ accounts, but also demonstrate that they’re concerned about data security and grab some positive PR as well. Companies such as LinkedIn and Amazon have mined the stolen Gawker data for email addresses matching their customer accounts and automatically reset their passwords. This proactive step not only protected customers but will also reduce a lot of upcoming customer service hours needed to handle and fix hacked accounts or return fake orders. It also prevents customers unaware of the incident with Gawker from misplacing blame if their accounts were compromised.