That really wasn't well handled was it MNHQ?

[ASorcererIsAWizardSquared]

Yes, this is a telling off.

Your communication over the Calm Down Jeffrey incident was atrocious.

I find it shocking that you can be sat there, posting to us that all is well and under control when we can see, in front of our very own eyes, that someone was hacking MNHQ posts and editing them, and also posting under posters names and editing other posts as well as deregging and banning other users who insulted them.

The response from you was seriously lacking, on top of your coquettish rubbish about not putting 50p in the meter when you went down over night.

Its not on.

You have a duty to your posters when these things are happening to keep us all informed, we're not stupid and we deserve to be treated with a little more respect. Not fobbed off with half truths and blatant lies.

You're not alone in that, Arkkorox. me too.

Struck me that they acted the way they did to piss Jeffrey off. And it made me laugh, thinking of how he was expecting a big, dramatic reaction and instead got treated as if he/it was a joke. He was a very silly boy, they reacted in kind.

it stops me from putting up with being treated like an idiot.

Which, interestingly, is exactly what you are doing to MNHQ.

What exactly were they supposed to say?

' WE ARE BEING HACKED. EVERYONE PANIC. '

I think they handled what turned out to be a very silly hacker in the right way. Any more publicity and he would have got what he wanted.

Of course not...

They should have said something along the lines of...

Hi, all we are currently experiencing a DDOS attack (summer holidays...sigh...). You will have difficulties accessing the site, but all of your personal information is completely safe. Tech is working on the issue and it should be resolved shortly.

Hi all, sorry for the extended outage, it takes some time to block these attacks but we are working on it (hands tech tea). Again, please be assured that all of your information is safe.

Whoops! It'd would appear that DadSec (waves) has uncovered a wee backdoor into the system. He has (as you can see) some access to basic post editing functions. He has no access to passwords/personal info. Bear with us until we lock the backdoor...

Hi all, boarders repelled! ????The site should be back to normal now for everyone, if its not just drop us an email at MNHQ. The site has been beefed up against further DDOS attacks, and the entry point helpfully discovered by DadSec has been secured. We have have looked carefully at what has happened and we are certain that at nio point did anyone unauthorised access any private information. Thanks for bearing with us. (downs gin)

I had no problem with the 50p malarkey.

I find it shocking that you can be sat there, posting to us that all is well and under control when we can see, in front of our very own eyes, that someone was hacking MNHQ posts and editing them, and also posting under posters names and editing other posts as well as deregging and banning other users who insulted them.

Someone was indeed altering posts and editing stuff on the one thread. Just the one afaik?

No one got deregged afaik - please correct me if you have a source for this.
No one was posting as other people, ie, no one signed in as someone else using someone else's password.

All they could do was edit what had already been posted.

Press F12 on your keyboard and have some fun, you can do exactly the same, for your eyes only - it was basically that but he had found a way in to make it look the same to everyone else temporarily.

Fwiw I do agree that there could have been a little more info and reassurance forthcoming but I got the impression they were a bit understaffed.

As long as they were onto it, that's the main thing, and they clearly were.

Agreed.

MN's response on Twitter was trite and amateurish 'ooh silly us, haven't fed the hamsters recently so the wheel's stopped turning' etc. I didn't really want to have to sully my eyes with Jeffrey's Twitter profile to find out what was going on (even though it did later appear dear Jeffrey wasn't too clear about what kind of hack he'd done).

When the site returned this seemed to catch MN off guard, rather as if the only reason it was back was because Jeffrey had left the DDOS running overnight in his time zone and was now awake and ready to have some different fun.

Then once they started a thread, they were asked repeatedly if we should change passwords as a precaution, as Jeffrey stated on Twitter he had all our data. Given the other instabilities already present in the site (people being logged off, the whole weird 'threads I'm watching' debacle) the hack looked more severe than it actually was. Eventually they posted to say no passwords had been compromised, and Jeffrey immediately set about editing posts to prove otherwise (excluding his initial homophobic edits, providing a valuable service in correcting spellings). Still no advice.

Given MN once put the entire site into read only mode due to some new year's eve high jinks the reaction seemed muted and chaotic.

By coincidence I had asked the day before Jeffrey visited us why MN didn't consider outsourcing the Talk part of the site and moving it on to some decent software. I hope they will consider this now. MN has many strengths but its technology is decidedly not one of them. But wherever the site is hosted, communication with the stakeholders (users, advertisers) will be MN's responsibility to get right. If nothing else, can you at least have a 'fire drill' once in a while where you rehearse how to deal with an outage?

And then, as advised by MNHQ, he did register under his DadSec name. Just the once. Presumably they then hit him with the full force of the Banhammer. Just because.

Someone was indeed altering posts and editing stuff on the one thread. Just the one afaik?

No one got deregged afaik - please correct me if you have a source for this.
No one was posting as other people, ie, no one signed in as someone else using someone else's password.

All they could do was edit what had already been posted.

Problem is, without any info from MNHQ, its assumptions and Chinese whispers...

I found it all quite amusing personally from the 50p in the meter comment to Jeffrey changing posts to the general piss take of dadsec. I agree slightly more comms may have helped but as anyone caught up in a cyber bullying thing knows you do not feel the beast.

I suggest you talk to AnneonaMaple leaf, she posted to say she'd been locked out of her account.

the guy posted as wannabe and at least one other poster on the outage thread. whether he was editing things already posted by them, or in their account remains to be seen, but wannabe did come on and say it looked like someone else was posting as her.

there is a difference between keeping your posters informed and feeding the trolls.

Yes that's true, no one really knew for certain what was happening even the guy himself.

He stated on twitter that he had my password 'in plain text' and had a lot of other data to play with as well - he clearly didn't, but it didn't particularly concern me as I'm fairly sorted on the old password front.

I think if anything more awful had happened then we probably would have been advised of it. Whether that would have been timely however is anyone's guess.

Lots of people have been locked out of their accounts in this last week. Mine took several password reset emails to sort last weekend and again yesterday. Site's on the fritz, not necessarily to do with hacking.

Massive molehill/mountain situation imo.

Yes he made it look like he was hacking accounts but he wasn't. He was just altering text. That was my interpretation anyway.

I don't know that Annie got hacked, I think it's possible it was a different issue - several people have had issues with logging in this week, apparently not because of this incident, or not directly in any case.

It's possible there were some after effects due to 'restore point' sort of things - I think thats why we're back to Most Active as well.

Just guessing though.

It's only a chat forum.

It's serious for the back office but really I don't know what you expect them
To say...

It's not providing any sort of serious service, no one is going to suffer.

Honestly just let them sort it and stop bitching and moaning.

They have been inordinately quiet on the Site Stuff thread. Usually there's at least one of them hanging about there trying to manage our questions and so forth when a similar set of issues arise.

We had a brief bit of info from Rebecca I seem to remember and that was it.

AnnieOnAMapleLeaf has got her name back now. It was a storm in a tea cup, people reacted to the perceived threats, MNHQ calmed it out, we're all still here.

If you don't like the forum, or the way it's run, you can change it by complaining until it's exactly what you want, or you can enjoy it for what it is.

Hmmm there were approx 12 posts mainly of the short variety from Rebecca and Sarah on the thread (so far 721 messages)

I wonder whether they are actually all on leave.

Hackers gonna hack

I cringe when people make posts like this- how rude

"This is a telling off"

"It's not on"

"..a duty to your posters"

Who the fuck do you think you are?

If you don't like MN, leave. If you do like MN, stay. But don't fucking whinge and whine like MNHQ owe you something. They don't. Justine & Co created a website that you use. If anything you owe them - because it's not like you pay for it is it? How they deal (or don't deal) with DDoS attacks or hacks or a million trolls is their business and they can deal with it their way.

If you have anything constructive to say to help if this happpens again, great. Let them know, they might appreciate th assistance. But posting 'at them' as if you are their fucking CEO is out of line.

I cringe too.

Hey everyone,

Sorry some of you don't think we handled things well in terms of keeping you informed; we thought perhaps a summary of what happened when and what our thinking was might explain things a bit.

When the site first went down late on Tuesday evening, we assumed we'd be able to repel the denial of service attack quickly, hence the 50p in the meter remark on social media (we agree it looks flippant in retrospect, so apologies for that).

The site came back up briefly very late Tuesday night, but when it went back down again the severity of the attack became apparent, and tech spent the rest of the night and Wednesday morning working extremely hard to get us online again. We posted as soon as we could after the site was back up explaining that the denial of service attack had taken place.

It was then that we detected that our administrative functions had been hacked, at which point we obviously directed all our resources towards working out how this had happened and how to stop it (I posted on the thread to say as much in the early afternoon). As you'll no doubt appreciate, we really don't want to go into any more technical detail, but we're currently doing our best to make sure that nothing like this happens again.

The tricky thing from our point of view was that, as well as the fact that the situation changed at high speed over the course of about 24 hours, it was difficult to be explicit about what we thought was happening all the way through as we had to balance the need to keep you as informed as possible with the fact that everything we said would also be read by the hacker. Plus, as several people on the thread have said, we really weren't keen to give the hacker the publicity he so clearly craved. We really are sorry if you think that, in the event, we didn't get the balance quite right.

Meanwhile, if anyone's still having site problems of any sort, do drop us a line.

Thanks again for your patience,
MNHQ

I think Mumsnet played it right......it was clear things weren't right so we didn't need to be told that, we could see it for ourselves. Mumsnet played down the incident rather than giving the hacker (poor bored sod) the drama he is so obviously missing in his life.