Security experts are warning internet users to maintain different log-in credentials for different accounts, after news emerged that hundreds of thousands of Twitter accounts may have been compromised when Gawker Media’s web sites were hacked.
The media house, which owns sites such as Lifehacker, Gizmodo, Gawker and Jezebel, was hacked over the weekend, exposing the details of those who had left comments on the sites.
In a statement, the firm said: “We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security – and of trust.”
“If you've registered an account on any Gawker Media web site and you didn't log in using Facebook Connect, then it's best to assume that your username and password were included among the leaked data.”
The details of more than one million accounts were then posted on Pirate Bay and appear to have been used to hack the Twitter accounts of those who used the same log-in credentials for the micro-blogging site, and then send out spam.
In a Twitter update, the firm’s head of trust and safety, Del Harvey, wrote: “Got a Gawker acct that shares a PW w/your Twitter acct? Change your Twitter PW. A current attack appears to be due to the Gawker compromise.”
The attack in question is a spam campaign which may have used hundreds of thousands of hacked accounts to send messages promoting an acai berry diet, according to Sophos senior technology consultant Graham Cluley.
“Not enough computer users have woken up to the danger of using the same password on different websites. Doing that means that if one site gets hacked (as in the Gawker case) then you might also be handing over the keys to other websites,” he wrote in a blog post.
“Once one password has been compromised, it's only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain.”
Cluley recommended users strengthen their passwords by not choosing dictionary words, but instead using other techniques to build seemingly random combinations of characters.
“A good trick is to pick a sentence and just use the first letter of every word to make up your password,” he added.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago