URGENT: New data leak

[KitKat1985]

New data has just been leaked on the DadSec page - all the Mumsnet partner companies.

This is a huge breach and must have come from within your server as this wouldn't have just been phished.

Could be celebs/web chat guests emails on there?

Doubt it garmin. If anything it would be their PR or agent.

At first glance there doesn't appear to be anyone controversial. There might be some celeb agents but they'll be used to getting lots of weird nonsense.

It'd be nice to get a server status update from MNHQ. was phishing a cover story, and you've fixed the server hole, or is the data all still unsecured?

it's hardly Wikileaks

Best quote of the day!

I am not clicking any links. For those daft enough to who have, please could you confirm there are no MN'ers emails on any lists you have seen. Ta.

Ok, so I have to say - so what? I get enough unsolicited junk emails as it is a few more is hardly likely to make a difference.

From the information about me contained within mumsnet servers the hackers know: my email address and my first name. Which they can guess from my email address anyway. They can also surmise that I have some interest in parenting relate stuff. Big deal. It isn't like this is my banking log in!

And if your password is the same as your banking one, well change it. And don't do that again!

Can someone please give the idiot's guide to what happened?

The second day leak is PR email addresses from companies like Sky and Random House.

There does not appear to be any user email addresses. It's just PR email addresses and names.

It's only of significance because it heavily suggests a server leak, a hacked email or an inside job, rather than phishing. Jeffrey had probably been reading MNs explanations all day and wanted to prove them wrong.

Presumably they released it now because MN aren't around at this time of night.

If your email is there, what are the implications?
What should you be doing about this?

Data, sorry, not day.

Meaning as a company contact email, I don't think there are any personal addresses there.

Has anyone coined "ODFOJ" yet?

No mner email addresses. It's pretty much all PRs both in house and external.

Probably mostly of interest to netmums' commercial partnerships intern. It will save her some Googling.

Shit, I have been daft enough, what's going to happen ?
No, didn't look like any MNers, looked more like a list of professional contacts.

This man really has his knickers in a twist with mumsnet. I wonder what next.

I don't think this does rule out what MNHQ say is the "working theory" re phishing being how the passwords were gathered. The hackers chat (see links on various threads, I'm not reposting it!) suggests they were trying loads of different ways to get in - it's perfectly possible that one approach gathered the new contact list, and a different one got the passwords. By the sounds of it this has been fairly sustained.

That could be a centrally stored list of partner companies. Or, it could be someones/multiple people's email contact list. At this point we don't know and I don't think it's fair to jump to conclusions.

Yes just to clarify (and prevent panic) these appear to professional contacts e-mails / names not those of MN users.

Again it's main significance and my reason for posting is this kind of proves that this breach is not as simple as a phishing attack.

Oh and I like ODFOJ.

LeChein Nothing much. You'll probably get a lot of spam for a while. Your password won't be on Mumsnet servers so there's no real issue, although you could change it if it makes you feel better.

I wonder if they have emails from the suppliers and MN? I suppose they could cause a ruckus if they contain rates, or if there are nestle contacts or something. But in general, it's no panic. Like I said, the dig is at MNHQ, by the looks of things.

(I'm grateful for by cybersecurity training now!)

And people are clicking on this link why exactly?

Someone directed people to a fishing site in order to obtain your passwords and now someone on here is linking to that someone's page and people are clicking on it? Hasn't anyone learned anything from this?

A load of corporate email addresses are hardly news - all this stuff is generally fairly public property anyway if you can be bothered to look for it. But I wouldn't put it past someone who has already caused trouble here to start a thread saying "urgent, more data leaked, at this page" in order to direct people to their site in order to dump a load of malware on your computer or the like.

How do we know that the op isn't jeffrey?

MNHQ is a multi million pound organisation that creates its revenue through advertising revenue because it has so many members. That revenue pays some people's salaries but lack of security has left many more anxious and vulnerable. MNHQ have had a serious and damaging incident that may or may not be from inside - we plebs will never know.

I'm not Jeffery. Promise.

[Looks down top] Yep I'm definitely female and KitKat.

And obviously no-one has to click the link. I only put it there as several posters seemed to be insinuating I had made this up as the Twitter feed is suspended, but I was just pointing out this is from their webpage.

wannaBe you don't need to click the link to see what is there. You can use corporate security to frame the link and view it without making an insecure connection, if you have the tools.

You also don't need to log in to this link. I wouldn't recommend clicking it, though. Even if it just boosts his traffic, it's egging him on.

No idea how we know that OP isn't Jeffrey.

Is that the list of usernames from before? Or is it a new one?

This....

The list of usernames appears unchanged, the second list is some sort of contact list - media rather than users.