Communication with a client(s) during a crisis situation is important. When your users’ account emails and passwords have been compromised, it’s even more important.
Though we got the first notification of this problem at 7 a.m. today, and it wasn’t until 10:07 p.m. tonight that we received this note from Gawker, it’s still a good thing they sent it out.
(The more troubling point is that we checked all our email addresses this morning and the one this message was sent to apparently wasn’t in the Gawker database so we’re not sure why we are getting this message!)
Here’s their statement.
This weekend we discovered that Gawker Media’s servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name and password associated with your comment account were released on theinternet. If you’re a commenter on any of our sites, you probably have several questions.
We understand how important trust is on the internet, and we’re deeply sorry for and embarrassed about this breach of security. Right now we are working around the clock to improve security moving forward. We’re also committed to communicating openly and frequently with you to make sure you understand what has happened, how it may or may not affect you, and what we’re doing to fix things.
This is what you should do immediately: Try to change your password in the Gawker Media Commenting System. If you used your Gawker Media password on any other web site, you should change the password on those sites as well, particularly if you used the same username or email with that site. To be safe, however, you should change the password on those accounts whether or not you were using the same username.
We’re continually updating an FAQ (http://lifehac.kr/eUBjVf) with more information and will continue to do so in the coming days and weeks.