Users wooly after knitting website hack

By

Blogging server cracked.

Hackers have stolen usernames and passwords of popular knitting website Ravelry after cracking a secondary server used for its blog site.

Users wooly after knitting website hack

An attacker tried "various methods" to crack into the website and succeeded using a "weak link" on the blog server.

Ravelry said it had hired an information security consulting firm to run penetration tests against its systems, installed intrusion detection systems, and hardened its networks by removing unused software and services.

"As an example, the software we used to run our blog was not only completely re-installed, it was also moved to a separate web host to limit exposure in the future," the company said in a post.

"We are a tiny company with a small staff and only one engineer/programmer but we still take security very seriously."

It said passwords were encrypted and no financial information was lost.

Ravelry advised users to change passwords to their other accounts, if they used the same password to log in to multiple online services.

It also said users should consider using a password manager.

"We are deeply sorry that this has happened. We care very much about all of you and we never want something like this to happen again."

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?