Author Topic: Gawker media accounts leaked  (Read 3306 times)

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,940
Gawker media accounts leaked
« on: Monday, December 13, 2010, 01:51:03 PM »
Uh oh

If you've got an account on any of the Gawker sites (Kotaku, Lifehacker, Fleshbot, etc), you might want to change your passwords. The site has a little widget that lets you check if your email address was on the list.

Offline scottws

  • Gold Member
  • *
  • Posts: 6,603
    • Facebook Me
Re: Gawker media accounts leaked
« Reply #1 on: Monday, December 13, 2010, 02:34:59 PM »
I'm safe.

Offline iPPi

  • Senior Member
  • *
  • Posts: 3,159
  • Roar!
Re: Gawker media accounts leaked
« Reply #2 on: Monday, December 13, 2010, 05:19:43 PM »
I'm safe because I don't have an account with them.

Offline Cobra951

  • Gold Member
  • *
  • Posts: 8,934
Re: Gawker media accounts leaked
« Reply #3 on: Monday, December 13, 2010, 06:50:51 PM »
I never use my main email acct to register for anything trivial.

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,940
Re: Gawker media accounts leaked
« Reply #4 on: Monday, December 13, 2010, 10:46:53 PM »
Interesting, got an email supposedly from blizzard that they are forcing a password reset for Battle.net accounts because of this.
Quote
We’ve recently been informed that several Gawker Media websites have been compromised. These websites include Gawker, Gizmodo, Kotaku, Lifehacker, Jezebel, io9, Jalopnik, Deadspin, and Fleshbot. To help minimize the effects of this compromise and help keep your Battle.net account safe and secure, we’ve reset your account password. To complete the password reset, please log into Battle.net Account Management (https://us.battle.net/account/management) and follow the provided instructions.

If you are a registered commenter for any of these sites and used your Battle.net email address to sign up with Gawker Media, we also recommend that you update your Battle.net address as soon as possible via Account Management. If you are unable to complete this step or the password reset on your own and believe your account may be compromised, please contact our customer support staff by using the Account Recovery form (https://us.battle.net/account/support/account-recovery.html) and be sure to check out our Account Security Awareness guide (http://us.battle.net/en/security/) for additional security tips and suggestions.
Anyone else get this? Is it legit? I also got an email saying someone requested my bnet password reset.

Luckily I changed my bnet password a while ago.

Offline shock

  • Poster Child
  • ***
  • Posts: 994
Re: Gawker media accounts leaked
« Reply #5 on: Tuesday, December 14, 2010, 06:25:14 AM »
Be wary sir.  I haven't gotten anything like that.  Battle.net is down for maintenance at the moment but I'll try logging in later.
Suck it, Pugnate.

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,940
Re: Gawker media accounts leaked
« Reply #6 on: Tuesday, December 14, 2010, 07:40:43 AM »
Some people said the email address its supposedly from isn't a real blizzard addy. It did strike me as fake, since why would blizzard do such a thing anyway? I never click on any battlenet email links, I always go to the real site manually.

Offline scottws

  • Gold Member
  • *
  • Posts: 6,603
    • Facebook Me
Re: Gawker media accounts leaked
« Reply #7 on: Tuesday, December 14, 2010, 07:54:14 AM »
Interesting, got an email supposedly from blizzard that they are forcing a password reset for Battle.net accounts because of this. Anyone else get this? Is it legit? I also got an email saying someone requested my bnet password reset.

Luckily I changed my bnet password a while ago.
Phishing.  I use my Gmail account for everything, including my Battle.net account, and I haven't received anything like that.

Speaking of this, I keep receiving these e-mails from Best Buy talking about my Best Buy Credit Card and how I can manage the card online.  I don't have and never applied for a Best Buy Credit Card.  I thought it was phishing, but I've done a lot of research into the e-mail headers and it is definitely a real e-mail from Best Buy.  I've called them several times about this and they just say I should not be concerned because my SSN doesn't come up in their system as having a card so there can be no averse effect on my credit even if there is a card open in my name.  The did say that the card does have my name and e-mail address, but a completely different SSN, address, and phone number.  They say the owner probably just mistyped the e-mail address and it was mine.

The strange thing is that the e-mail uses my full first and last name; my email address does not reference my last name.  How in the world did I start receiving these e-mails?  What are the chances that someone has the same first and last name as me and also an e-mail address that is very close to mine?

Offline idolminds

  • ZOMG!
  • Administrator
  • Forum god
  • *
  • Posts: 11,940
Re: Gawker media accounts leaked
« Reply #8 on: Tuesday, December 14, 2010, 08:22:10 AM »
Huh, weird.

So I found out something cool. I've been using KeePass to generate and store secure passwords. I have the database file sync online using Dropbox so I can access it from my laptop as well as just keep a remote copy so I don't lose the file.

I went through all the important sites for me and changed the passwords using this, but it was a pain in the ass to have to copy and paste the password whenever I wanted to log in at a site. Then I read there is an awesome shortcut. If you put in the sites URL with that entry in the database, when you're on the site and have the user/pass boxes selected, Ctrl+alt+a and it will automatically fill them in and submit.

So now its all nice and easy to log in to these sites, and it wont do it unless the URL matches what I place in the program. Wee!

Offline scottws

  • Gold Member
  • *
  • Posts: 6,603
    • Facebook Me
Re: Gawker media accounts leaked
« Reply #9 on: Tuesday, December 14, 2010, 08:32:20 AM »
We use KeePass Password Safe at work.  We had some trouble with using a key file between Macs and Windows though, so just use the password.

It's a decent free app.  I just wish it was a true multi-user database.  Instead everyone uses it via the rarely-used Briefcase and syncs their updates back to the server.  I also haven't had much luck with the auto-login feature.  It works sometimes, but not as often as I'd like.
« Last Edit: Tuesday, December 14, 2010, 12:57:47 PM by scottws »