
Hackergate part four - PLEASE READ!

29 replies

RebeccaMumsnet · 20/08/2015 10:12

Previous thread here and original thread here

We will post here throughout the day with updates and info, please do post any questions and we will get to them as soon as possible.

If you need to get in touch off of the boards, please email [email protected], we have a team of people working through the inbox now and will get back to you ASAP but please do bear with us, it's very busy.

There is also a specific thread about passwords here.

Thanks all
MNHQ

KateMumsnet · 20/08/2015 10:39

@MotherOfFlagons

I haven't been forced to log out yet...

Hello MotherOfFlagons, and others reporting the same issue - Tech are currently having a look at this. Will report back as soon as I get more info.

KateMumsnet · 20/08/2015 10:40

Also, JustineMumsnet has posted an update on the 'technical details' thread over here.

Here's a c&p for convenience:

"Morning all,

Here's an update of where we are at. The tech team found the hole which was accessed to capture user login data via phishing and patched it yesterday pm. Then, as you probably know, we forced another password update requiring higher-security passwords last night (once we'd rebutted a further DDoS attack).

We are undergoing full security testing by external experts over the next few days to determine if there are any other weaknesses which might be exploited. We'll update you when that process is completed.

Many thanks for your patience and understanding. The best advice remains to update your password here and any passwords used on other sites that are the same as ones you've used on Mumsnet before yesterday.

We're really sorry for the extra bother any anxiety caused."

RebeccaMumsnet · 20/08/2015 10:58

@Dothetwist

Does anyone know the tech email address? I have a link to send them

Send it to [email protected] with URGENT FOR TECH in the subject line and we'll pass it over. Thank you.

RebeccaMumsnet · 20/08/2015 10:59

@FlipWreck

I posted a message on the third thread yesterday about the security of PMs and reported it so it would be flagged to MNHQ. I am extremely concerned about undeleted sent PMs that contain personal details. MNHQ, please can you update about this one? There could be hundreds of old PMs containing personal details, which the original sender has no control over. Thanks.

We will have a look at this Flip, thank you.

RebeccaMumsnet · 20/08/2015 11:07

@twirlypoo

Can I just draw attention to something?

I was not kicked out, but on the advice of MNHQ last night logged out and changed my password anyway. I did this last night on the iphone using safari and then updated the app.

I've come to the office this morning (I work from home) and was busy checking threads / replying etc on tabs of mumsnet that were already open, when I realised they were logged in under the OLD password, but still working (I posted under it)

So, I've now logged out and updated my laptops computer - but for a while I was using the same account under 2 different passwords.

This doesn't seem very, er, good?

It is not ideal twirlypoo, agreed. However, you had an active session with us and so were able to access the site. IF anyone had attempted to get into your account last night with the old password, they would not have been able to.

RebeccaMumsnet · 20/08/2015 11:23

@MadrigalElectromotive

It is not ideal twirlypoo, agreed. However, you had an active session with us and so were able to access the site. IF anyone had attempted to get into your account last night with the old password, they would not have been able to.

But if they were already in twirlypoo's account, then they will be able to continue to access it for as long as their session continues?

They would have to log in with a password. If the password was reset, it should be fine.

RebeccaMumsnet · 20/08/2015 11:31

@twirlypoo

I'm confused! Why would they have to log in with a password if they already had an open session?

But they wouldn't have had an open session unless they went in and physically used your work computer. To access any account you need log in details. If you reset your password, from that point, your account was secure. Sorry to confuse, does that make sense?

RebeccaMumsnet · 20/08/2015 11:55

@twirlypoo

It does, But......

I was on the list, so they had access to my username & password.

So let's say they opened up a tab with my log in.

I then open up a tab on MY laptop and change passwords etc. I am now logged in under that password.

They STILL have access under their open tab??

I was accessing my account this morning under both the new password (on my phone / the app) and the old password (open tab on laptop)

Theoretically, does that not mean that dad sec could still have access on his open session too?

It is highly unlikely that the hacker would have a computer on with lots of open accounts with logged in sessions. Obviously we cannot be sure of this but he would have to have many many devices available to him to facilitate this. If your password was reset last night, you should be fine.

We did attempt to force everyone out and this did work for many but not all, we are looking into why now.
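
The session behaviour discussed in the posts above (a tab opened before a password change keeps working afterwards) comes down to whether the server ties each session to the credentials it was issued under. This is an added example, not Mumsnet's code and not part of the original thread; the class names, the `epoch` counter and the sample account are all hypothetical and constructed for illustration.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Account:
    password: str   # plaintext only to keep the sketch short; store a salted hash in practice
    epoch: int = 0  # hypothetical counter, bumped on every password change

@dataclass
class SessionStore:
    accounts: dict = field(default_factory=dict)
    sessions: dict = field(default_factory=dict)  # token -> (username, epoch at login)

    def login(self, user, password):
        acct = self.accounts.get(user)
        if acct is None or not secrets.compare_digest(acct.password, password):
            return None
        token = secrets.token_urlsafe(16)
        self.sessions[token] = (user, acct.epoch)
        return token

    def change_password(self, user, new_password):
        acct = self.accounts[user]
        acct.password = new_password
        acct.epoch += 1  # every session issued before this point is now stale

    def valid_by_token_only(self, token):
        return token in self.sessions  # a pre-change session keeps working

    def valid_with_epoch(self, token):
        entry = self.sessions.get(token)
        if entry is None or entry[1] != self.accounts[entry[0]].epoch:
            self.sessions.pop(token, None)  # drop the stale session server-side
            return False
        return True

def demo():
    store = SessionStore({"constructed_user": Account("old-password")})
    laptop_tab = store.login("constructed_user", "old-password")
    second_tab = store.login("constructed_user", "old-password")  # any other holder of the old password
    store.change_password("constructed_user", "new-longer-password")
    phone = store.login("constructed_user", "new-longer-password")
    return {
        "old_password_login": store.login("constructed_user", "old-password"),
        "token_only": [store.valid_by_token_only(t) for t in (laptop_tab, second_tab)],
        "with_epoch": [store.valid_with_epoch(t) for t in (laptop_tab, second_tab, phone)],
    }
```

With the token-only check, both sessions opened under the old password remain valid after the change even though a fresh login with that password fails; the epoch check rejects them and keeps only the session created after the reset.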

RebeccaMumsnet · 20/08/2015 13:29

@ppeatfruit

Agree PegsPigs

Does anyone know if we should change our user names? Mn doesn't say anything.

This is up to you ppeat, if your password is reset you shouldn't need to but you can if you would like.

RebeccaMumsnet · 20/08/2015 13:34

@RepeatAdNauseum

Snap.

I was logged out on the mobile site, and thought that was it, but it let me log back in with the old password fine, no prompt to change it.

Old, old password or reset recently and matches new password parameters?

RebeccaMumsnet · 20/08/2015 14:14

@diddl

I'm having trouble logging in.

I log in (or think I have!) & just get the log in page again.

Am checking the URL, but am concerned that once the log in page comes up again, I've already put my password in iyswim.

Sorry diddl, have you reset at all?

RebeccaMumsnet · 20/08/2015 14:18

@ppeatfruit

Thanks Rebecca Grin BTW is dh right in saying that when we click on 'links' we are leaving ourselves , and you? open to hacking?

Potentially, yes. You need to be aware of that all important S at the end of the httpS when on a log in page. If you get an email that's dodgy, FB message, post etc with a link from an untrusted source that clicks through to log in info, it is best NOT to enter that info in.

It is not easy to tell and that's how phishing happens.

Always look for the s and make sure your source is a trusted one.

RebeccaMumsnet · 20/08/2015 14:20

@PlayingSolitaire

"I don't know if you've read the c&p stuff taken from the 8chan site last night but Jeffrey's claiming he piggybacked in via a fake profile here and planting IT voodoo thingmies (I know nothing about technology) on a member of staff. He sounds quite plausible and it would explain the more than phishing theory."

I also read this - MN please can you confirm that you have read it too and that your Tech people/ outside Tech people have considered whether this was possible or not and if so have stopped it and stopped it happening again.

We are aware, yes. Thank you.

RebeccaMumsnet · 20/08/2015 14:24

@diddl

I reset this morning as it was the only way for me to get in.

(Had also reset a few days ago when asked)

I'm doing as I'm told! Grin

Excellent, once you are in, you're in. If it happens again, try clicking on the logo and see if it takes you to the homepage and then back to Talk from there. You shouldn't have to put in your log in several times in one session unless they are incorrect and we will let you know if that's the case via a warning on the page.

Post if it happens again and possibly screengrab?

RebeccaMumsnet · 20/08/2015 17:30

We have reported his latest Tweets to the police who are following all of this.

JessicaMumsnet · 20/08/2015 18:27

@headlesslambrini

I think it's happening again - funny writing instead of the MN sticky

Hello headlesslambrini, thanks for flagging, we'll take a look at that. Just to reassure you, that URL shouldn't have https; only log in pages will have https.

RebeccaMumsnet · 21/08/2015 09:53

Hi all,

Popping in to say good morning, we are here and will be reading through the last few posts shortly and responding to them.

RebeccaMumsnet · 21/08/2015 11:25

@Wolsey

MN - I feel quite strongly that as one of the 3000 published names and passwords that you should deal with my email requests for a deletion of posting history as a priority. I wish all trace of me to be removed from this website. I then intend to de-reg.

Hi Wolsey,

We are going through mails one-by-one and we have a large team working on it but the volume is high. If you have any specific posts that you would like removed quickly, please do report if less than ten or so. If you would still like a mass delete, we will get to you as quickly as we possibly can.

Apologies for the delay.

RebeccaMumsnet · 21/08/2015 13:52

@StephanieBeacham

MNHQ are you able to say anything to the effect that nobody, to your knowledge, had any visits from armed police last night?

I would be reassured to know. I understand if you can't comment on that though. Just ignore me if so.

Sadly, we have just been alerted to another swatting incident last night.
We are in touch with the police at the moment.

Please can we ask that you ignore him on Twitter, do not repost his links here or anywhere else. He/they thrive on attention and putting yourself out there (no matter how noble and lovely you all are supporting us and fighting the good fight) for your own safety, please do not

We will keep you updated as and when we know more.

Please do keep yourselves safe and ignore, ignore, ignore.

JustineMumsnet · 21/08/2015 14:38

An update to say that according to the poster the police believe the hacker got her info from Twitter, not Mumsnet. She wasn't at the address targeted.

Both swats on Mumsnetters have come after they've engaged with @DadSec on Twitter - so clearly this looks like something to avoid.

JustineMumsnet · 21/08/2015 15:28

@headlesslambrini

Justine can you say whether or not this MNer was on the original list?

Do you know if he only got 3000 details or everyone's but just hasn't published them yet?

Have all Police forces been alerted to this?

I think we need a few more details if you can give them.

Not on the original list - but as has been said here it's quite easy to garner info of someone once you have basic details often found on Twitter accounts.

RebeccaMumsnet · 21/08/2015 16:12

@howtorebuild

Yes that happened to several posts. I assumed it was mnhq trying to protect info.

Yes, it is. Thank you all for being so careful with posts. We may have had a few coffees

JustineMumsnet · 21/08/2015 16:22

@Kryten2X4B523P

"I was expecting links to her secret MN username that she uses to post about anal fissures and squeezing spots on DHs back"

Grin

Cripes hope that one's not next...

TinaMumsnet · 21/08/2015 16:35

Hi Worra

Any data you give to us when entering a book giveaway like this is stored on a completely separate and secure site - so we've no reason to believe it's at risk.

RebeccaMumsnet · 21/08/2015 17:01

@BlahBlahUsername

Well I'm on the list and my address was listed several times in my inbox because of the christmas card swap thread. I don't care about being 'outed' because I don't think I've ever said anything on here that I wouldn't say IRL. But should be worried about 'Jeffrey' doxing random MNers? I have a son with an anxiety disorder, and another with autism and sensory issues. If trolls got hold of our address they could cause a lot of upset.

Hi Blah,

If you report the posts you are worried about, we will zap them for you pronto.
