Mumsnet Cofounder Suffers Swat Attack
Mumsnet has been forced to reset its users' passwords after a series of swat attacks.
A swatting attack is a type of harassment where the perpetrator calls the emergency services out to their victim on false pretences.
Founder of Mumset, Justine Roberts, said another member of the site had also been similarly attacked and added that a hacker had managed to hack into the site's administrative functions.
Mrs Roberts revealed that there had been an attempt to force Mumsnet offline by a DDoS attack, which is where hackers overwhelm a site with traffic.
Mrs Roberts said there was evidence that around 11 sites had been hacked and warned that many more could be affected.
In a follow up blog post to the event, Justine wrote: "It's a reasonable assumption, and our working one, that the passwords of everybody that has logged since 6 August 2015, and possibly some time before that, have been collected."
Mumsnet is unsure how the attack occurred, however one theory says that cross-site scripting was involved, where code would have been added to Mumsnet site to redirect the login process to computers controlled by the hackers.
Mrs Roberts doubted that the Mumsnet database had been hacked as she said the site itself stored users' passwords in a high-strength encrypted form.
All the sites usernames and passwords will have to be changed as a precautionary measure.
Security expert Dr Stephen Murdoch said: "It's challenging to build a website that can stand up to a determined attacker, while still being cost-effective to run and easy to use.
"These types of incident will keep on happening, so this is a good reminder to not use the same password on multiple websites and be cautious about what information you give out online."
Return to internet news headlines
View Internet News Archive