Hackergate part four - PLEASE READ!

[RebeccaMumsnet]

Previous thread here and original thread here

We will post here throughout the day with updates and info, please do post any questions and we will get to them as soon as possible.

If you need to get in touch off of the boards, please email [email protected], we have a team of people working through the inbox now and will get back to you ASAP but please do bear with us, it's very busy.

There is also a specific thread about passwords here.

Thanks all
MNHQ

Poor 98

I think she meant well. A bit like my embarrassing thread offering to donate...

you can send me a pizza if you like though?

Am I the only one that has a mental picture of Justine and the rest of MNHQ sitting in tin foil hats, fingers in ears, rocking in a corner

Ok I was on the list, I've reset password and also changed a couple of things where I had the same email password combo, is there anything else I need to be doing other than being more vigalent than usual and keeping an eye on emails, Facebook etc. Is there anything they can be doing with the ip addresses? I log in my iPhone, tablet and PC so not sure which one would have been on the list

I posted a message on the third thread yesterday about the security of PMs and reported it so it would be flagged to MNHQ. I am extremely concerned about undeleted sent PMs that contain personal details. MNHQ, please can you update about this one? There could be hundreds of old PMs containing personal details, which the original sender has no control over. Thanks.

I do not use facebook.

I'm just baffled by people who are feeling "sorry" for mumsnet .....

They are working to resolve a problem in a business they run - mumsnet is not a charity.

Jeepers, what about all the underpaid frontline emergency staff who often run over their shifts without pay providing crisis care in traumatic harrowing situations ....anybody had random thoughts about sending them a pizza tonight?? Thought not.

Compassion is under rated - but let's be wise with it.

I do not use facebook.

I'm sorry but this smells like an inside job....how could someone be able to access all of this personal information?

I have just had two confirmation code text messages from Facebook, and I don't even use it!! I don't have an account. Is this linked to MN being hacked?? Smells awfy fishy...

Was that Jeffrey on the other thread? Thought he would be collecting his results today..

@Dothetwist

Does anyone know the tech email address? I have a link to send them

Send it to [email protected] with URGENT FOR TECH in the subject line and we'll pass it over. Thank you.

I got logged out again and had to do a second password reset of this morning, so I have had about a zillion password changes in the last 3 days. Finally got back in now.

Whilst I agree that MN don't need donations or pizzas, people are only being nice and trying to express how much MN means to them. I think it's nice really. And if I was a cookie baker who was easily able to pop in to NW5 (sadly I'm not), I would drop them off a treat. Not because they can't afford to buy one themselves, but because even though MN is a big company they have still been through the mill these last few days and I can only imagine how stressed they must be.

That's not to say that others how do stressful jobs (nurses, teachers etc) don't deserve home made cookies too - they do- and when I am 'involved' in their stressful situations, I make them cookies (or similar).

gatorgolf Ip addresses are irrelevant - if worried, turn your router off and back on again after 15 seconds, it will probably change... Make sure you are running decent anti virus with internet protection on your computer... Enjoy life!

blowinahoolie No - quite possible for it to be a hacking job, amazing what you can get to without needing inside help, it is why so much crime is now online... Your facebook codes could just be normal spam...

Not sure if it was our spotty friend or not

@FlipWreck

I posted a message on the third thread yesterday about the security of PMs and reported it so it would be flagged to MNHQ. I am extremely concerned about undeleted sent PMs that contain personal details. MNHQ, please can you update about this one? There could be hundreds of old PMs containing personal details, which the original sender has no control over. Thanks.

We will have a look at this Flip, thank you.

My IP thinks i am in That London!

The hackers will get bored and go away eventually - but probably not just yet.

Please be on the look out for phishing emails that look like they come HQ, but aren't.

A MNer was sent an email from [email protected] or something, which took her to dodgy page. Don't click on links, c&p the address into your browser.

Can I just draw attention to something?

I was not kicked out, but on the advice of MNHQ last night logged out and changed my password anyway. I did this last night on the iphone using safari and then updated the app.

I've come to the office this monring (I work from home) and was busy checking threads / replying etc on tabs of mumsnet that were already open, when I realised they were logged in under the OLD password, but still working (I posted under it)

So, I've now logged out and updated my laptops computer - but for a while I was using the same account under 2 different passwords.

This doesn't seem very, er, good?

I wonder if windows users are more at risk then ipad users anyone know?

I have just written that message and then this happened (see screen shot) im sure it's just coincidence but I'm a tad paranoid now!

(Sent this using phone as laptop still not back on)

@twirlypoo

Can I just draw attention to something?

I was not kicked out, but on the advice of MNHQ last night logged out and changed my password anyway. I did this last night on the iphone using safari and then updated the app.

I've come to the office this monring (I work from home) and was busy checking threads / replying etc on tabs of mumsnet that were already open, when I realised they were logged in under the OLD password, but still working (I posted under it)

So, I've now logged out and updated my laptops computer - but for a while I was using the same account under 2 different passwords.

This doesn't seem very, er, good?

It is not ideal twirlypoo, agreed. However, you had an active session with us and so were able to access the site. IF anyone had attempted to get into your account last night with the old password, they would not have been able to.

It is not ideal twirlypoo, agreed. However, you had an active session with us and so were able to access the site. IF anyone had attempted to get into your account last night with the old password, they would not have been able to.

But if they were already in twirlypoo's account, then they will be able to continue to access it for as long as their session continues?

By they I mean DadSec...

Consider me slapped down! For what it's worth, I think nurses, doctors, firemen, and everyone else who works on the front line deserves pizza too, but unfortunately if I bought you all pizza I may get in trouble with my bank
Just trying to be nice as feeling a bit sorry for MNHQ. I was on the thread at midnight last night when they were still posting updates and trying to tackle the problem. Updates were still going through the night and were first thing again this morning. I'm certain they are taking it in shifts, but I imagine they are under a heck of a lot of pressure. They may be working for a multimillion pound company but they didn't sign on for this, and most probably had to leave families last night to sort it.

So yeah, stupid idea maybe but just trying to be nice.

98 I think you were lovely to suggest it

katherine surely dadsec could be sat with a load of open tabs and open sessions though? If I can, then why can't they?

Not having a go, just a bit alarmed /shocked that it can happen!