If you’re tweaked that this is the first you’re hearing about the Lifehacker data compromise, rest assured that the Gawker tech team is on it, and are currently resetting passwords and contacting affected users. So, if you haven’t heard from Gawker yet, you will soon. As for why Gawker was hacked, it appears that there has been a longstanding feud between Gawker and Gnosis and their ilk. In the torrent file description Gnosis taunts Gawker, saying: The script kids reference is likely an allusion to Gawker’s comments when a group of 4chan members attempted to bring Gawker down after the blog demonized the group for launching a concerted campaign of harassment on an 11-year old YouTube member. A Gawker blogger wrote of their attempts: Gnosis, however, claims no connection to 4chan or Anonymous, the group that most recently waged war against MasterCard, PayPal and Visa. At any rate, this is a fair amount of drama—unfortunately, many of us readers have been caught in the collateral damage. If anything, this should serve as a stirring reminder to always keep strong passwords, never use a universal “master” password across accounts and to be sure to change your password periodically, in case one of these data breaches goes unnoticed. If this seems like a hassle to you, then we recommend checking out a password manager, such as LastPass, which we covered earlier in our Google Chrome Extensions Power List. Also, if you are curious as to whether your email was included in the database, but don’t want to tangle with any fishy business by downloading the torrent yourself, you can run your email address through a widget put together by Slate. Personally, my email didn’t come back as compromised—but I’m still going to be changing all of my passwords, just in case my email was included among those “million or so” easily decryptable passwords, which don’t appear to be included in Slate’s database. Update: it appears that Slate’s widget does include your email, even if your password is included in encrypted form. Update: A couple reports of people getting suspicious emails re: their Gawker accounts. Probably phishing attempts, since the release included emails as well. PLEASE BEWARE OF THIS. Do not visit any links from anyone claiming to be from Gawker or one of their blogs. Instead, visit their site directly and change your password there. There are links all over the place on their front page, you can’t miss it. Update: Upon receipt of an email notification from Gawker, it appears that I am actually in trouble, since I signed up for a Gawker account years ago with an old email address. So, that got me thinking: what else have I signed up for years ago with that same email and password that I may have forgotten about? So, in order to jog my memory, and yours, I’m going to create a massive list of online service that you may have signed up for in the past. Please add to this list if you can.
Master Accounts
GoogleYahoo!Windows LiveOpenID
Gmail Yahoo! Mail HotmailWindows Live Mail Microsoft ExchangeZoho MailLavabitHushmailAIM MailGMX MailGawabInbox.comFastMail
Finance/Money
(usually have multiple layers of security, but just in case…)
Mint QuickenWesabeKivaPaypal PNCU.S. BankFifth ThirdHuntington NationalBank of the WestBBTCharles SchwabE-TradeUBSDiscoverChaseHSBCING DirectAllied BankBank of AmericaWells FargoCapital OneThriveGeezeoSimplifiPlaywithvoyantCreditKarmaFidelityTD Ameritrade
Shopping
Blogs/News
TechnoratiNYTimes.comPosterousNPR
Webmaster/Admin
TumblrSquareSpaceTypepadWordPress.comBloggerVoxXangaOther self-hosted blogsDrupalJoomlaWordPress.org (did you check ALL your self-hosted blogs?)StatcounterChartBeatGoDaddyDirectNICDotsterenomGandiJokerKey SystemsMonikerName.comNameSecure1and1A Small OrangeGatorHostBlueHostDreamHost
Photosharing
Flickr SkitchPhotobucket DotPhotoSnapfishKodak EasyShare FotkiPicasaWebshotsCare to Connect
Social Media
Facebook MySpace LinkedIn ClassmatesFriendsterNingiLikeTwitter HootSuiteTweetDeckFriendFeed
Social Bookmarking
DiggDeliciousStumbleUponReddit
Chat/Communications
SkypeAdiumAOL Instant MessengerWindows Live MessengerGoogle ChatPidginMeebo
Meetings/Scheduling/Project Management
Tungle.meManyMoonCampfireBasecampGotoMeetingDimdimWebExYugmaZoho MeetingVyew
Multimedia
iTunesNetflixYouTubeMetacafeVimeoScribdSlideShare
Other
WikipediaDropboxSugarSyncBoxCampusFoodMozyPhpBBvBulletinConstant ContactiContactExactTargetHowcastSquidoo
Mobile
YelpWords with FriendsFoursquareCrystal (i.e. Angrybirds)
Phew. That’s barely scratching the surface, I know. But it just goes to show that we sign up for an inordinate amount of services. Please contribute to this list—especially the obvious ones I missed. Comment Name * Email *
Δ Save my name and email and send me emails as new comments are made to this post.
