13 December 2010

Gawker passwords and Hint.io

This morning I received the following email from a website I'd never heard of called Hint.io.

Hi there,
Hint wanted to let you know that your email address and password that you used to signup for Gawker (or one of its sites) was hacked. Forbes' coverage is here
In situations like this, time is of the essence, which is why we were surprised & shocked to find that Gawker Media hadn't taken the initiative to notify you of this privacy breech immediately. We HIGHLY recommend you change all of your online passwords as a precaution.
-The Team at Hint
My instant reaction was that this email was a phishing attempt. But as I read on I saw it did not ask for my account details or to reset my password using a link it provided.

Then something else struck me: the only way Hint.io knew my personal email address,that I had an account with Gawke, and my account information had been compromised, was if the staff at hint.io had access to that stolen information.

I've emailed teamhint@hint.io asking for an explanation as to why the hell they have a stolen password database.

Hope they have a really good explanation.

Just like I hope Gawker has a good explanation why account details were stolen, why they didn't inform account holders themselves, and why their password reset system has gone down.

No comments:

Post a Comment

All comments are moderated. Blame the spammers.

UPDATE: "Living Room Rules" apply.