A lot of people are gawking at Gawker Media this morning, though not for reasons that will bring much cheer to its founder, Nick Denton. Gawker, the parent company of popular blogs like Gizmodo, Lifehacker, Jezebel, and ValleyWag, has suffered a significant breach. A hacker group known as Gnosis has taken over the site.
Gnosis accessed Gawker's source code and posted it on torrent sites. They also hacked into Gawker's content management system, posting a fake story on the home page linking to the source code torrents. Additionally, the group infiltrated the site's database, gaining access to the email addresses and passwords of Gawker's staff and over 1 million registered readers. These details have also been released on torrent sites, available for free download.
Why is Gnosis targeting Gawker? They believe Gawker was picking on 4chan, a group known for creating the vigilante group Anonymous and various internet memes like lolcats and Rickrolling. Gnosis hacked Gawker's internal chat software and shared a snippet of dialogue among Gawker staff following a DDoS attack by 4chan in July. Here’s an excerpt from their conversation:
Maureen O.: It appears that there is dissent among the 4channers as to whether 4chan's attack on us means 4chan is pathetic and unscary now.
Hamilton N.: Be sure to point out that they are dorks for doing that.
Brian M.: The headline of your post should be "Suck on This, 4Chan."
Maureen O.: I like the call to make today Everybody Write About 4chan Day.
Hamilton N.: Nick Denton Says Bring It On 4Chan, Right to My Home Address (After The Jump).
Ryan T.: We Are Not Scared of 4chan Here at 210 Elizabeth St NY NY 10012.
There’s a lot of quiet chuckling across the internet today. Gawker, which seemingly aims to be the National Enquirer of web publishing, appears to be willing to do almost anything to generate web traffic. This includes paying $5,000 for a stolen iPhone prototype and an unknown amount for a sleazy account of a one-night stand with a would-be U.S. Senator. And that's just the short list of Gawker's media controversies. They are not the most sympathetic victims.
Their readers, however, are a different story. They certainly didn't deserve this breach, and the fallout could be worse than the initial attack. The list of hacked logins includes dozens of users with U.S. government email addresses, such as individuals from the FDA, Nuclear Regulatory Commission, NASA, National Institutes of Health, the U.S. Congress, several state governments, and the Department of Homeland Security.
If these individuals use the same logins and passwords across the internet, those who download this information could potentially have access to sensitive information. It is hoped that they are paying attention to this scandal and will change any passwords that match those used on Gawker. It’s likely we haven’t heard the last of this.
On the other hand, this hacking scandal could be another cunning Gawker ploy to drive traffic. They might have even paid Gnosis to do it. Given Gawker's past operations, it's not entirely outside the realm of possibility. If that’s the case, all that can be said is, way to go, Nick!
The bigger issue is that hacking seems to have become the geek leisure activity of choice. This is not good news for any of us.