The Gawker hack: how a million passwords were lost [telecom]

by Joseph Bonneau, December 15, 2010

Almost a year to the date after the landmark RockYou password hack, we have seen another large password breach, this time of Gawker Media. While an order of magnitude smaller, it's still probably the second largest public compromise of a website's password file, and in many ways it's a more interesting case than RockYou. The story quickly made it to the mainstream press, but the reported details are vague and often wrong. I've obtained a copy of the data (which remains generally available, though Gawker is attempting to block listing of the torrent files) so I'll try to clarify the details of the leak and Gawker's password implementation (gleaned mostly from the readme file provided with the leaked data and from reverse engineering MySQL dumps). I'll discuss the actual password dataset in a future post.


Monty Solomon