CNET, a popular tech news and reviews website with millions of users, has recently been hacked by a Russian hacker known as w0rm or twitter username: “@rev_priv8.” On July 12th, the hacker tweeted a photo of a screenshot depicting the contents from the CNET database, then posted a tweet offering security protection assistance.
According to a spokesperson from CNET, “The hacker gained access to the user database via a security hole in CNET’s implementation of the Symfony PHP framework – the “skeleton” on top of which CNET’s website is built.”
As a result, more than 1 million emails, usernames, and encrypted passwords were compromised. And while the hacker reportedly offered to sell the database for 1 Bitcoin ($622), he later claimed to be posing threats solely to garner public attention on the hack.
In addition, a representative of the hacker’s group claims that they target high-profile websites while hacking, in order to raise awareness on the evolving security threats, as well as the general importance of Internet security.
Although the CNET spokesperson said the issue has been identified and resolved, it’s fundamental to take action. If you’re a CNET user, your information may be compromised. We strongly advise you to:
- Change your password as soon as possible.
- Change the passwords of other accounts with the same password.
And in the future:
- Use strong passwords with a combination of letters, numbers, and symbols.
- Never use the same password for multiple accounts.
According to the CNET spokesperson, the website will be monitored continuously in an attempt to prevent future attacks.
To learn more, or if you have any questions about securing your confidential information while browsing the Internet, give us a call at (613) 277-2312
or send us an email at firstname.lastname@example.org. Digivie can help you leverage the Internet without putting your confidential information at risk!