Will Gawker Breach Lead to Attacks on Government Sites?

The big security news over the weekend was the hacking of Gawker, and subsequent release online of the usernames and passwords of its registered users. If you're not a denizen of the multiple sites in the Gawker empire, that may not mean much to you. But if you are, and you accessed the sites from a government computer, you may be headed for trouble.

The PBS NewsHour's Rundown blog reported yesterday that it had learned that "a select sub-list of what appear to be e-mail addresses and passwords of employees from federal, state and local government agencies were parsed separately [by hackers] for potential future attacks." The theory is that the employees may have used the same username and password combination on other, more sensitive sites.

Gawker is urging its registered users to change their passwords on its sites--and anywhere else they've used the same passwords.

Even if the disclosure of registration on Gawker's often-controversial sites by people using government e-mail addresses doesn't lead to security breaches, it could prove embarrassing for employees. Felix Salmon of Reuters reports that the Gawker lists show that "one user with a usdoj.gov address uses the password 'parasite', while another uses the password 'Princess'; meanwhile, a NASA user has the password 'pervert'."