Hackergate part five - PLEASE READ

[RebeccaMumsnet]

Hi all,

A further continuation of this thread and the original thread here

FAQ page here

Please do keep an eye, ask us any questions and we will post updates as we get them.

I can't believe that even with all of this going on, some posters are still so lax about security.

I just spotted someone's user name (a regular poster), that gave away personal info about her and her DC.

I then Googled just to see if my hunch was right and it was. In less than 30 seconds I was able to see her full address and lots of quite personal information

Madness.

And you could always have been a person of 'evil intent', WorraLiberty.

It's not just technical scammers that you have to be alert for - the internet can be a place where some dastardly people hang about ready to manipulate others as their fancy takes them.

Exactly Simurgh

Anyway, I've sent her a message pointing it out. That's all I can do.

Is it still possible to get hold of a copy of the list somewhere? I was away when all this happened and was able to see it but not search it on my phone, and now it looks like it's been removed by Twitter?

I'm not too worried about my current account as I set up a new one some time ago using a different email address which I don't use for anything else, but my previous account (which I didn't delete as I didn't realise you could do this) was set up under my everyday email address. I NC frequently and would like to take a closer look to make sure I'm not there.

Some lovely persons been at my bank account online thingy. They've managed to just lock it down luckily!

There is a thread in site stuff called The List.

There's a version of the list that was published on this thread here - just a little way down on this board. The OP has stripped out IPs and passwords - and emails for the HQ users.

I'd assume that the information has been caught though and take appropriate action eg changing passwords immediately. Just because a name of yours may not be on this list doesn't mean that the information is not out there.

1. There's a couple of threads in chat which include the list. Search for my username in chat (I don't generally post there much but I am on the list) and you'll find them.

1. In any case, you would have been sent an email to the email address, telling you that you were on The List.

1. In any case, it doesn't matter whether you were on the list or not. Act as if you were. It is quite possible that there is a longer list that hasn't been on Twitter yet.

Someone definately must have more info.
I'm not on the list and have had problems with my bank, my Facebook and email in the last week. Different passwords same email.

I'm working on the theory that if you sign into the site by Email, they have kept the info For themselves, as email addresses and passwords are far more usefull in other sites.

It looks as if the forced session logout just caught up with me. Weird things happening.

oh and an unexplainable £1.68 has gone off my card from Apple iTunes and all the apps I can see are paid ones. I don't have access to iTunes at the moment so can't see if it's something I've accidently done!

*free ones even
Anyone know if I can check an account billing list without iTunes access.
There was only £2 in there as hadn't been paid yet so want to check more won't be billed when money goes in!

Just deleted all my inbox messages as I had a few with address etc from winning a comp.

But I can't delete anything in my sent? Select all won't work, and when I select them individually the trash can is greyed out

Can someone check this please?

Also, what's the email to request my posting history be deleted? And would I need to give all my past usernames?

Sorry, haven't logged in at all until now as was a bit too insecure round the phishing sites.

Also, haven't seen a post sorry, but is the iPhone app not working now? Have changed my password and logged in here fine but the app is saying incorrect username and password

Velma you can tell HQ an the linked email and they do it off that even without all the user names BUT they only delete your actual posts not the thread which can then still be searched, put in Google cache and it shows what you wrote even after deleted !
So if you have a sensitive post you have to ask them to delete the whole thread to avoid this

Thanks tigers. I've had this username a couple of years, and had a third I used to use for really sensitive stuff. My first username has been unused for two years now, but was a heavily used account and I worry I gave a bit much away. I will email them and ask I think, even though none of my names were posted and I doubt anyone in my real life cares!

I've already reported - I'm not on the list, but for the first time (as far as I can tell as I get notified by email and I have downloaded activity) my fb was attempted to be accessed this weekend from the other side of the country.

Same email as mn. May or may not be a co-incidence but very weird.

I wonder if they did capture the emails and are holding them back.

As posted on the tech update thread just now here's the latest re the attacks on Mumsnet.

I'm pleased to say that all was reasonably quiet at the weekend so happily very little has changed since the end of last week. We've no evidence of further attacks on Mumsnet, or indeed further swatting attacks.

As you know we patched the hole used to access user login details in the middle of last week and forced a password update. The site is currently undergoing stress testing via an external security firm which should be completed this week. Meanwhile, the tech team are reviewing every bit of code to make sure it's as robust as can be.

Obviously we can't be complacent though - please do report anything that looks at all dodgy, and we'll investigate straight away.

I know some users are still awaiting for replies to mails you sent us last week. Thanks so much for your patience, if that applies to you - we're very much hoping to get through the backlog in the next couple of days. For those with new queries it's worth checking our FAQs page before mailing in case your question's answered there (we'll keep it updated).

The police are taking these attacks seriously and are conducting a full investigation. We will, of course, update you with any news on that front as soon as we have any.

Once again, many thanks for you support and virtual (and in one case, actual ) provision of gin and many apologies, again, for any undue stress/ anxiety caused.

Thanks for that Justine. I should imagine that half of the other commercial websites in Britain are running around like disturbed ants after this.

Thanks Justine

at the risk of being annoying may I point out that FAQ page details aren't appearing as a link (one square bracket each side, instead of two) just wondering if that's a typo?
sorry, not nit-picking, you must be exhausted!
much love and gin (and leftover birthday )

Tigers Deleting the whole thread won't stop it from being available in the Google Cache. Even threads that Mumsnet has got rid of entirely can be viewed and read.

Not being argumentative, but I don't want anyone to be lulled into a false sense of security if they manage to get whole threads deleted.

I love that someone actually sent you gin.

S'me 5tr4tt3r5 btw

@ZingDramaQueenOfSheeba

Thanks Justine

at the risk of being annoying may I point out that FAQ page details aren't appearing as a link (one square bracket each side, instead of two) just wondering if that's a typo?
sorry, not nit-picking, you must be exhausted!
much love and gin (and leftover birthday )

Sorted - txs and have some of our

thanks just one.
At least it makes it harder though because they can't search it on here and get the address at the top of the page if the whole post has gone