Mumsnet users urged to change password after Heartbleed hackers target site

Cyber-thieves may have obtained passwords and personal messages

Kunal Dutta
Wednesday 16 April 2014 03:22 EDT
Comments
The parenting website Mumsnet claims to have 1.5 million registered members
The parenting website Mumsnet claims to have 1.5 million registered members (ABBIE TRAYLER-SMITH)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Mumsnet users are being urged to change their passwords and login details after hackers targeted the website by exploiting the Heartbleed bug.

In what is believed to be the first confirmed breach via the security flaw, the parenting website – which claims to have 1.5 million registered members – said it believed that cyber-thieves may have obtained the data before it repaired the security flaw on Saturday.

The site’s founder, Justine Roberts, said that it first became apparent that user data was at risk when her own username and password were used to post a message online. She said the hackers then informed the firm’s website administrators that the attack was linked to the Heartbleed flaw and told them the company’s data was no longer safe.

Heartbleed is thought to be one of the most serious internet security flaws ever, mainly because it remained undiscovered for more than two years. It can give anyone access to the data behind internet encryption, including passwords and credit card details, without leaving any trace.

In an email to members, Mumsnet said: “We have no way of knowing which Mumsnetters were affected by this. The worst-case scenario is that the data of every Mumsnet user account was accessed.

“It is possible that this information could then have been used to log in as you and give access to your posting history, your personal messages and your personal profile, although we should say that we have seen no evidence of anyone’s account being used for anything other than to flag up the security breach, thus far.”

The site is also asking members to reset any passwords created on or before Saturday.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in