We’re still in the early to middle stages of the fallout from the attack on Gawker sites yesterday. But the hackers released a file with what they *claim* were the logins and passwords of 21 past and present Gawker staff, which altogether appear pretty weak.
Any valid passwords have been changed by now and the list is available publicly. So we’re reproducing it here:
Alex Pareene: kavan1
Choira Sicha: arthur
Richard Lawson: bambola
John Cook: freddy
Whitney Jefferson: tilden
Nick Denton: 24862486
And more (username, password, email address):
jesseo ::: jesseo1 ::: firstname.lastname@example.org
peti ::: almafa ::: email@example.com
nayab_098 ::: connecti ::: firstname.lastname@example.org
nunzilla ::: boeing ::: email@example.com
rlawson ::: bambola ::: firstname.lastname@example.org
Lodwicktologist ::: lauren ::: email@example.com
a_OK ::: okies ::: firstname.lastname@example.org
CarolineG ::: dratini ::: email@example.com
nicola3 ::: cheesies ::: firstname.lastname@example.org
whitneytilden ::: tilden ::: email@example.com
katemax ::: newyork ::: firstname.lastname@example.org
JaneLevin ::: sparkle ::: email@example.com
mgnyc ::: louise ::: firstname.lastname@example.org
saortega ::: capecod ::: email@example.com
Sposts ::: amads ::: firstname.lastname@example.org
Almost all the passwords are letters-only, all are lower case, and marketing manager Jane Levin’s would have been susceptible to a dictionary attack, in which hackers try every word in the dictionary.
Should have read that helpful Lifehacker post, guys.
Check out the slideshow of our favorite tweets about Gawker, the attack and hubris here.
ajeffries [at] observer.com | @adrjeffries