We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Writerspace site warns members after LulzSec hack

Admits 12,000 logins were part of leaked database

Literary website Writerspace.com has admitted that almost a quarter of the 62,000 email logins published after an attack by LulzSec came from its user database.

In a warning note on the site's homepage, Writerspace said that that 12,000 of the leaked email logins were from its members and said it was in the process of contacting the individuals concerned.

"We want to assure our readers that we take our responsibility for protecting your personal information very seriously. Unfortunately, there are people who make it their mission to find and exploit any vulnerability no matter how secure the system," read the note.

The site also mentions that LulzSec has recently hacked the CIA website and US Senate, glossing over the fact that neither of these hacks involved the loss of thousands of email addresses and passwords.

Writerspace then advises users to "make sure the passwords for all of your online accounts adhere to industry security standards," again sidestepping the possible weaknesses of any login system that re-uses email addresses as user names, or simply stores email addresses and passwords together for recovery purposes.

It is not clear that writerspace used email addresses for logging in but sites that do run the risk that users will re-purpose the same logins over and over for multiple sites. This gives anyone hacking one database a way of launching speculative attacks against others using the same information. LulzSec itself makes this weakness part of the point of its attack, encouraging sympathisers to try the logins across different sites.

Better advice would be that anyone whose login was published as part of the leak should change logins on any other sites that might use the same email address as authentication.

"Security techs are scouring the site now," said Writerspace in a tweet. "There's no indication that the site itself has been hacked but we'll post info asap."


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips for beginners: Complete Guide to OS X Yosemite