Arik Hesseldahl

Recent Posts by Arik Hesseldahl

Gawkergate Collateral Damage Now Includes the New York Times

It’s now been at least 10 days since the Gawker group of Web sites was hacked by a group calling itself Gnosis in one of the side threads to the WikiLeaks controversy.

Within two days, sites like LinkedIn and later Blizzard Entertainment and Yahoo had advised their users to change their passwords.

The latest company caught up in all this is the New York Times. A little more than an hour ago, the Times sent an email to customers (see below) whose email addresses appeared in a searchable database of compromised Gawker commenting accounts, warning them that if they used the same password on nytimes.com as they did on Gawker, it would be a good idea to change it. There is no evidence of any funny business on the Times’ Web site.

Incidentally, in case you missed it, Gawker’s technology head, Thomas Plunkett, circulated a memo detailing what happened at Gawker and what it plans to do in response to the incident. One thing it will do is offer disposable commenting accounts that users can ditch easily, and for which storing an email address won’t be required.

Here is the email from the Times:

NYTimes.com Wed, Dec 22, 2010 at 5:15 PM
Reply-To: nytdirect@nytimes.com

In case you missed our recent article “Gawker Sites Hacked and Passwords Compromised”
http://nyti.ms/hjNvlY we are writing to inform you that databases belonging to Gawker Media were compromised and hackers obtained more than one million user names, e-mail addresses and passwords.

While there is no evidence of suspicious activity on NYTimes.com we wanted you to know that
the e-mail address you registered with NYTimes.com matches an e-mail address that was on
the list of Gawker e-mail addresses and passwords that were published online.

If you use the same password for NYTimes.com as you did for Gawker, we strongly recommend you change your password. Changing your NYTimes.com password can be accomplished by visiting the Member Center page: http://www.nytimes.com/membercenter. After logging in to your account, click on the ‘change’ button associated with the password field which can be found under the Account Summary heading.

Here’s a Gadgetwise post with tips on developing a good password (in brief: do not make it a real word, keep it long and mix in an unusual combination of letters and numbers).
http://nyti.ms/gGR3kz

Please contact Customer Support at 1-800-698-4637 or e-mail customercare@nytimes.com with any questions.

Have a safe and happy holiday season.

The New York Times Company
620 Eighth Avenue
New York, NY 10018


Latest Video

View all videos »

Search »

When AllThingsD began, we told readers we were aiming to present a fusion of new-media timeliness and energy with old-media standards for quality and ethics. And we hope you agree that we’ve done that.

— Kara Swisher and Walt Mossberg, in their farewell D post