Gawker, McDonald's, Walgreens Hacked: Your Questions Answered

McDonald's

Hackers scored a hat trick over the last few days, and against some pretty big targets. Going after customer data or user profiles, hackers infiltrated databases associated with McDonald's, Walgreens, and Gawker. Cheeseburgers, shampoo, snark—no industry is safe in the Internet age.

What's with this wave of attacks? Do they bear any relation to each other, or any relation to other recent attacks?

The attacks appear to have been carried out by that WikiLeaks avenger group, Anonymous, which after all had a very specific agenda. The details of the three attacks remain somewhat sketchy, but here's what we know:

The McDonald's hack

What was accessed?

Hackers gained access to some private information of customers, who had entered the information while signing up for promotions on the McDonald's website. The information compromised included email, phone numbers, addresses, and birth dates—but not financial information or Social Security numbers.

Who executed the hack?

It's unknown; Mickey Ds isn't saying, and no one's taken credit. Law enforcement is on the case. "It's hard to tell who exactly is behind this," says Jason Hong, a computer scientist and security expert at Carnegie Mellon. "It could perhaps be a competitor interested in embarrassing them, someone interested in stealing sensitive data, or someone just doing it for fun."

How did the hack happen?

By attacking a subcontractor's subcontractor. McDonald's farms out some of its promotional activity to a group called Arc Worldwide, which in turn contracted with an e-mail database management firm that has not been named. Hackers went after that firm. A digital security guy named Colin Tankard weighed in on this, saying the Russian dolls subcontracting arrangement was partly to blame: "This case has highlighted the difficulty with interdependence," Tankard told IT Pro (which dubs the affair a "Big Mac hack attack"). "That's always a problem whenever you have subcontractors," concurs Hong, adding that it's "more and more a problem as organizations go to cloud computing," which rely on third parties to host data.

The Walgreens hack

What was accessed?

A list of customer email addresses was breached. Walgreens isn't saying how long that list was. It warns that spam might have gone out as a result.

Who executed the hack?

As with McDonald's, no one's saying.

How did the hack happen?

Walgreen is doing a good job keeping mum on this one. They're more insistent about what didn't happen: "Your prescription information, account and any other personally identifiable information were not at risk because such data is not contained in the e-mail system, and no access was gained to Walgreens consumer data systems."

The Gawker hack

What was accessed?

Hackers gained entry into databases, making off with, according to THINQ, "1.3 million comment accounts, as well as Gawker staff account information, and internal company conversations." Gawker's management posted apologetically on Sunday about the breach, urging users to change their passwords both to Gawker and any other sites for which they used the same passwords. Gawker chief Nick Denton himself is apparently bad at using strong, varied passwords, and had to change his across multiple sites.

Who executed the hack?

A group called "Gnosis" is taking credit. "How's this for "script kids"?" posted the group, referring to a denigrating term for inexperienced hackers. "Your empire has been compromised, Your servers, Your database's [sic], Online accounts and sourcecode have all be ripped to shreds!" They were apparently peeved by some unfavorable coverage Gawker had given to 4chan.

How did the hack happen?

The hackers got access to encrypted lists of passwords. Even though they're encrypted, simple passwords (like "password," which nearly 2,000 Gawker accounts used) can be victims of a "brute force" attack, or machine-assisted guessing—hence the need to change them. It appears that the Gawker hack may have resulted in spin-off attacks on Twitter, using the compromised information. Hundreds of thousands of Twitter accounts were compromised not long after, leading Del Harvey, Twitter's "Director of Trust and Safety," to infer that the Gawker hack was the root problem.

"We reset passwords + deleted updates on accounts affected," she tweeted Monday, "accounts were compromised in the Gawker properties hack." And PBS Newshour thinks the problem could go even deeper: Gnosis apparently culled a special list of emails and passwords of government employees, advising hackers to "google their email address to find other accounts on the internet they may have and try their password with said accounts."

Burning question

So what should I do?

Strengthen your passwords! Check out this link for a quick run-down on how to do so.

[Image: Flickr user iboy_daniel]

Add New Comment

0 Comments