Gawker breach prompts LinkedIn, Yahoo password resets

Powered by SC Magazine
 

Antiquated encryption algorithm a key security flaw.

The recent theft of approximately 1.3 million account details from the servers of online media company Gawker has prompted password resets at a number of popular websites, including Yahoo, LinkedIn and World of Warcraft.

Social media site LinkedIn said it has identified a “very small fraction” of its members whose accounts could potentially be affected by the breach.

“As we closely monitored the situation, we decided it was imperative to take pre-emptive action to help ensure that those leaked passwords were not being used to attack any LinkedIn members,” Vicente Silveira, principal product manager at LinkedIn, wrote in a blog post.

Gawker disclosed last week that its servers were compromised by hackers, who stole the email addresses and passwords of readers of its properties, including Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot. The stolen passwords were posted on The Pirate Bay, a Sweden-based website that indexes BitTorrent files, allowing others to compromise user accounts.

A hacking group, Gnosis, has taken responsibility for the intrusion, the company said.

As a result of the breach, Twitter has also reset affected users' passwords, but not before hundreds of thousands of Twitter accounts were compromised to spread bogus tweets promoting the so-called Acai berry diet. The fake messages were posted from Twitter accounts of individuals that used the same password for both Gawker and Twitter.

Like LinkedIn, several other companies decided to reset users' passwords as a result of the breach, including Blizzard Entertainment, maker of the popular online game World of Warcraft, and search giant Yahoo.

“To help minimise the effects of this compromise – namely for players who might be using the same login information for their Gawker Media accounts and their Battle.net [World of Warcraft] accounts – we issued password-reset emails for several accounts,” Blizzard Entertainment wrote in a security alert on its website.

Meanwhile, an analysis of the breached data by researchers at two-factor authentication provider Duo Security has revealed that easy-to-guess passwords are still favored among users. The most common password among Gawker users was “123456,” followed by “password” and “12345678.” Rounding out the top five most common passwords were “qwerty,” representing the first six letters of the keyboard layout, then “abc123.”

Gawker committed several security failures that led to the breach, one of which was the use of an antiquated encryption algorithm to protect users' passwords, Seth Hanford, operations team lead for Cisco's IntelliShield vulnerability and threat analysis team, wrote in a blog post. The online media company was using the Data Encryption Standard (DES), an encryption algorithm that was broken in the 1990s.

Researchers at Duo Security used a password hash cracking tool called 'John the Ripper' to easily brute force the password hashes posted online by the Gawker hackers.

“DES encryption of user passwords is very poor practice in 2010,” Hanford wrote.
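As an added, defender-side illustration (not code from the article or from any of the companies it names): a Python audit that recognises classic DES-based crypt(3) password records by their untagged 13-character format, counts them in a constructed "user:hash" dump, and rehashes a legacy account with salted PBKDF2 on its next successful login. The record layout, the `legacy_verify` callback and the sample hashes are assumptions made for the example.

```python
import hashlib
import hmac
import os
import re
from collections import Counter

# Classic crypt(3) DES output is 13 chars of [./0-9A-Za-z] with no "$scheme$" tag;
# modern password hashes carry a scheme prefix, so the format alone exposes legacy records.
LEGACY_DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")
TAGGED = {"$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
          "$5$": "sha256-crypt", "$6$": "sha512-crypt", "pbkdf2$": "pbkdf2-sha256"}

def classify_hash(stored):
    """Name the scheme behind a stored password hash, or 'unknown'."""
    for prefix, name in TAGGED.items():
        if stored.startswith(prefix):
            return name
    return "des-crypt" if LEGACY_DES_RE.match(stored) else "unknown"

def audit_dump(lines):
    """Count schemes across 'user:hash' lines to size a rehash-on-login migration."""
    counts = Counter()
    for line in lines:
        if ":" in line:
            counts[classify_hash(line.strip().split(":", 1)[1])] += 1
    return dict(counts)

def pbkdf2_hash(password, salt=None, rounds=600_000):
    """Salted, iterated replacement record (assumed 'pbkdf2$rounds$salt$dk' layout)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return f"pbkdf2${rounds}${salt.hex()}${dk.hex()}"

def pbkdf2_verify(password, stored):
    _, rounds, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)

def login_and_upgrade(password, stored, legacy_verify):
    """Return the record to keep after a successful login (None on failure); a legacy DES record is checked by the caller-supplied verifier and then rehashed."""
    scheme = classify_hash(stored)
    if scheme == "pbkdf2-sha256":
        return stored if pbkdf2_verify(password, stored) else None
    if scheme == "des-crypt" and legacy_verify(password, stored):
        return pbkdf2_hash(password)
    return None

# Constructed sample dump: a DES-crypt-shaped hash, a sha512-crypt-tagged one and a pbkdf2 one.
SAMPLE_DUMP = ["alice:abJnggxhB/yWI", "bob:$6$saltsalt$constructed",
               "carol:" + pbkdf2_hash("correct horse", b"0123456789abcdef")]
```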

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
