The world of online security has been tumultuous over the last two weeks after the release of diplomatic cables by Wikileaks. Now major sites are coming under attack by hackers, with significant data loss suffered by gossip site Gawker and online retail site Amazon denying that recent downtime was caused by a distributed denial of service (DDoS) attack.
It is known that Amazon was a target of the Anonymous group of pro-Wikileaks hackers, but downtime of the UK and other European iterations of its retail site on Sunday evening, has now been officially put down to a technical fault, rather than the actions of third party groups acting with malicious intent.
Gawker has been the biggest victim in recent days, with 1.3 million of its users having their passwords and login details exposed alongside more than half a million personal email addresses, as the result of a hack.
The Gawker data loss incident is not believed to have any relation to the Wikileaks debate, but it is a serious security breach, since many people use the same email address and password to log into multiple accounts and the exposure of users in this way could leave hundreds of thousands open to further exploitation on unrelated services.
Gawker told its users that they should change their password not only on its site but also on any other service which shared that password, as criminals might now be able to access other accounts linked to individuals.
It said that encryption was present but a brute force attack is likely to have breached its security and compromised one of its servers.
Gawker has expressed its embarrassment at the data breach and the subsequent leaking of millions of passwords.
Social networking site Twitter has become awash with spam from legitimate accounts, after the hackers made passwords available via file sharing services and cybercriminals quickly logged into accounts to spread their malicious links.
The actions of Anonymous and the Gawker hackers have reawakened serious questions about IT security in a corporate environment and shown how easily large entities can be brought to their knees by small groups of dedicated hackers.
