Users wooly after knitting website hack

By
Follow google news

Blogging server cracked.

Hackers have stolen usernames and passwords of popular knitting website Ravelry after cracking a secondary server used for its blog site.

Users wooly after knitting website hack

An attacker tried "various methods" to crack into the website and succeeded using a "weak link" on the blog server.

Ravelry said it had hired an information security consulting firm to run penetration tests against its systems, installed intrusion detection systems, and hardened its networks by removing unused software and services.

"As an example, the software we used to run our blog was not only completely re-installed, it was also moved to a separate web host to limit exposure in the future," the company said in a post.

"We are a tiny company with a small staff and only one engineer/programmer but we still take security very seriously."

It said passwords were encrypted and no financial information was lost.

Ravelry advised users to change passwords to their other accounts, if they used the same password to log in to multiple online services.

It also said users should consider using a password manager.

"We are deeply sorry that this has happened. We care very much about all of you and we never want something like this to happen again."

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

National photo licence recognition system set to go live in 2025

National photo licence recognition system set to go live in 2025

Hackers using F5 devices to target US gov networks

Hackers using F5 devices to target US gov networks

Australia's new cyber affairs ambassador sourced from ASD

Australia's new cyber affairs ambassador sourced from ASD

Austrade to replace its data centre core network

Austrade to replace its data centre core network

Log In

  |  Forgot your password?