Popular skeptic site hacked, private user details stolen

Skeptical Science hacked, private user details publicly posted online.

Sometime over the last few days, the Skeptical Science website has been hacked. The hacker has taken much or all of the Skeptical Science database, zipped various excerpts into a single file, uploaded the file onto a Russian website then linked to the zip file from various blogs. While we are still attempting to verify the authenticity of the file, initial scans seem to indicate the hacker has included the entire database of Skeptical Science users. Access to the full database (which includes private details) is restricted only to myself and I am the only one with access to all of the raw data – this fact alone indicates that this breach of privacy came in the form of an external hack rather than from within Skeptical Science itself.

Of great concern is the fact that the hacker has published personal details such as emails and IP addresses of each user.

Source: Skeptical Science

Was this a case of people harrassing this site which has proven HIGHLY effective in debunking climate denialists? Or was is just an attempt to get user info for some other purpose? It’s not known yet.

Sorry to hear about this, guys. But, when you are good (edit: or simply a high hit site), you get attention. Even unwanted, troublesome attention.

  4 comments for “Popular skeptic site hacked, private user details stolen

  1. March 24, 2012 at 12:39 PM

    I wouldn’t be too quick to accuse this of being a targeted attack. I work in computer security, and hacks like this are unbelievably common and most of the time they are entirely opportunistic. Usually they are criminals looking for known-good email addresses to spam or credit card numbers to abuse.

    If you used the same password on Skeptic Science that you use elsewhere, you should change it everywhere ASAP. And don’t do that going forward – use a different password on every website, and use a piece of software like 1Password or KeePass to manage them.

  2. Stew Green
    March 24, 2012 at 2:24 PM

    - This story broke on Thursday 22nd here http://tomnelson.blogspot.co.uk/2012/03/bill-mcfibben-on-weirdest-weather.html (discussion only no private data)

    – I don’t think the info has been generally republished all over the net, and neither have SkepticalScience said any of it is fake; a contrast to the Peter Gleick/Heartland affair.

  3. CBDunkerson
    March 24, 2012 at 2:43 PM

    Tim Farley, the hacker sent the database to various global warming denial websites. That pretty much kills the ‘maybe it wasn’t a targeted attack’ theory, no?

  4. March 24, 2012 at 11:22 PM

    I didn’t say it wasn’t a targeted attack, I just warned not to leap to that conclusion.

Comments are closed.