Over the weekend, hackers broke into the servers of Gawker Media—which includes web sites Gawker, Lifehacker, Gizmodo, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot—and stole information on about 1.25 million accounts. The hackers then turned around and posted the details—user names, email addresses and passwords—on a popular file sharing site, The Pirate Bay.
Registration on the Gawker Media sites is required for posting comments, so if you think there is even a small chance you may have visited and commented on one of these sites in the past, you need to confirm your data is safe. If you used Facebook Connect to comment through the Gawker sites, you should be fine.
The risk is not that some anonymous hacker will use your data to post comments on these sites (who really cares about that). It's that many of us use the same password for multiple accounts, and that’s a big problem, since nefarious types who break into one server may gain access to your email, Facebook and Twitter accounts, or even online banking.
What to do? First off, see if your own email address has been compromised. Slate.com has created an easy to use search widget available here – you just enter your email address and it searches the list of stolen Gawker accounts to see if you're among them. If so, it is absolutely imperative that you change your user ID and password on every other site which uses the same login information.
What this security snafu points out is the importance of using a different password for each online account you access. This is, undeniably, a royal pain, but it’s the only reasonable response to recent data infiltrations. After all, even a wonderfully secure password is no defense against hackers who manage to grab databases full of information. We have tips on managing your passwords to help you through the process.