URGENT: New data leak

[KitKat1985]

New data has just been leaked on the DadSec page - all the Mumsnet partner companies.

This is a huge breach and must have come from within your server as this wouldn't have just been phished.

[Deckthehallswithjammydodgers]

How do we know that your aren't Jeffrey wannabe ?????

[RepeatAdNauseum]

Doesn't appear to be a new list.

The only reason this is relevant is that it suggests that either:

This was never phishing and all the data has come from a server breach,

Or

There was a phishing attempt and a server breach. MN have fixed the first and said nothing about the second, so it may not be secured.

That is all. Until they appear, it's not possible to know.

[AwfulBeryl]

So what should I do now I have clicked on the link ?

[wannaBe]

but op why are you keeping tabs on his site?

[SuffolkNWhat]

Clear your cookies immediately

[howtorebuild]

The Dadsec character has about four Twitter accounts, two suspended.

[ToTheGups]

A new list, this time professional email addresses and contact names from what seems to be PR people that Mumsnet work with.

[BertrandRussell]

"MNHQ is a multi million pound organisation that creates its revenue through advertising revenue " we forget this at our peril.

[ItsNotAsPerfectAsItSeems]

But it looks to me (further down) to be a list of usernames and their passwords. Very identifiable for some people.i saw at least a handful of posters who have used their (I'm assuming) children's names as their passwords. It makes those with 2 or 3 children very identifiable.

[wannaBe]

Deckthehallswithjammydodgers nobody knows who anyone is. But I think the fact that I have been here for ten years under the same username means I would probably have hacked mn long before now if I was thus inclined, no? Whereas the op is deliberately trawling this lowlife's website and pointing users (who have already been hacked) back to it.

and really, this information isn't relevant to the users in general and doesn't actually prove anything at this stage. Remember that it is already known that the hacker obtained access to the mn administrative functionality last week, one would imagine that some form of corporate contact list may have been a part of that.

[MinesAPintOfTea]

Andof course every user that threatens to leave drives them on. Change your passwords and chill.

They go for MN because its high profile but not sensitive enough pt get in serious legal hot water. Or a personal grudge.

[bloodyteenagers]

So originally we were told - oops, forgot to feed the meter. Not to worry, all your details are safe..

Then oopsie, seems some details have been gathered from phishing and your password and user name have been comprimised. Don't worry, everything is safe..

Yes sorry don't worry we have reset everyone password. But not going to kick everyone off so everyone has to log in again. Don't see the point. Oh but not everyone was reset.

Now this..

Mnhq really need to look within. Phishers are con artists who convince people they are legit..

[KitKat1985]

WannaBe I checked the list earlier to see if I was on it. I just happened to have many pages open on my web-browser and didn't close the page after checking, and saw it had been updated just as I was closing pages down ready to turn my laptop off about 30 minutes ago. I'm not going to spend all night trying to convince you I'm not 'Jeffery' though if you don't believe me. I'm a long term member and poster. Frankly my LO likes to get up at 5am so I'm off to bed in a minute!

[wannaBe]

fwiw I don't necessarily think that the op is Jeffrey. However I do think that keeping an eye on Jeffrey's website and posting links to it here is extremely unwise.

and yes, clear all cookies etc immediately if you've been on there. I imagine that if the police are involved already they will already be keeping tabs on the site anyway.

[StatisticallyChallenged]

it'snot, the list further down is the one from earlier. That site is where it was posted.

[RepeatAdNauseum]

Interesting that MNHQ have deleted the link to the gits website but not commented...

I messaged earlier about helping to get that Twitter account taken down. If you alert them to this, they'll stop new ones from popping up so easily.

[wannaBe]

they've commented on the other thread the hacker part3 one....

[AwfulBeryl]

Thanks, have cleared my cookies. Do you think I need to change my password again ?
Sorry, I know nothing about all this.

[Allisgood1]

Can someone PM me the website and also the list with names and passwords? Need to make sure it's not me that's on there.

[Whatsforsupper]

I've looked at the second leak its not User information its emails and names of partners of the website its nothing to be alarmed about.

Look, I work as a threat analyst in cyber crime have done for many years.

I'm not sure whats happened with this site they seem to be trying to get to the bottom of it. You know it takes some time to go through this forensically.

Justine has being very honest and upfront with users about what Mumsnet think happened and what they know so far.

I've seen major corporations had far worst hacks But refused to be honest with clients due to reputation damage its not being the case here.

[StonedGalah]

KitKat we don't use 'Lo' on MN [suspicious]

[Whatsforsupper]

Again,this second leak is Not User PWS Or log ins.

Its emails and names of companies that( apparently) do business with Mumsnet.

[StonedGalah]

LO even

[AwfulBeryl]

Shit, have we been hacked by netmums ?

[bumbleymummy]

Has anyone had to change their password again?