Gawker Security Breach: We're Here to Help
As you probably know, Gawker Media's sites were all compromised this weekend. This may have left you with questions and concerns about your account. Here's the place to ask questions and vent. Editors and tech staff are here to help.
The first thing you need to do is change your password. If you have not yet done so, please read Lifehacker's comprehensive FAQ on the weekend's security breach and the steps you should immediately take to secure your account.
Comments are the lifeblood of our sites, and we pride ourselves on having some of the best commenters anywhere on the internet. Your security is our primary concern right now. We're working around the clock to ensure the safety and security of our sites moving forward.
You may be angry and upset about what has happened. You have a right to be. We're upset, too, and deeply embarrassed about the breach. Rest assured that we're doing what we can to both fix what's happened and ensure that it doesn't happen again in the future. In the meantime, here's your chance to ask questions about your commenting accounts, vent, or just help each other with issues you have. We'll drop in as much as we can, in between dealing with all the issues that have surfaced in the last 24 hours.
The Lifehacker FAQ has a more complete list of issues that commenters have been experiencing. But here are a couple of questions we've been getting repeatedly along with answers from our tech team:
Q: Why is password change or recovery failing?
A: We are working to limit the scope of the problem, and as part of that are changing the password for every account that could be cracked. Not all accounts will have their passwords reset. This process is running in the background and causing occasional errors when changing passwords. We will notify our readers once via posts on the sites and an update on this page once this process is complete so you can try again. We expect this to be completed within a few hours. This affects password change and the 'Forgot Password' process. Please continue to update all passwords on sites that shared a password with your Gawker Media account.Q: Why does my password no longer work?
A: We have reset the vulnerable account passwords to made it inaccessible to anyone with their old password. We are updating all of these accounts to use the modern bcrypt hash. If you did not have an email address associated with your account, and are currently unable to access your account, it is unlikely we will be able to restore access to your account. We suggest registering for a new account. We will be continuing to study this problem and notify readers if we develop a solution.
If Lifehacker's FAQ—or the answers above—have not resolved your problems, feel free to email help@gawker.com at any time and someone here will look into the issue you're having and respond. Please be patient though, since we're dealing with a lot at the moment. You can also reach out to me with your comments and concerns here. Thanks for your understanding and continued support.
Update:
We've been assured that the ability to delete your account entirely is coming soon. We'll let you know as soon as it's available.
Update 2:
Did you receive an email this afternoon/evening from "Gawker Media" with the email address help@gawker.com? Yes, that was from us. Since we learned of the hack, we've been working on a way to formally notify the 1.4 million emails associated with Gawker Media commenting accounts. Tonight we finished sending emails to all the addresses in our system.