Users and companies are trying to sweep up the mess caused by this weekend’s breach of roughly 1.3 million reader accounts at Gawker Media. And a few of them are showing some surprising, welcome resourcefulness.
LinkedIn, for example, scanned through the archive of usernames, e-mail addresses and passwords posted by the Gawker hackers. When the business-networking site spotted its own users in that list, it reset their passwords and notified them via e-mail.
Amazon has done the same thing. A blog post by Dutch teenager Daan Berg recounts a similar password-reset e-mail from Amazon and compliments the company for its initiative. Washington-based Associated Press video producer Matt Friedman wrote on Twitter that he’d received the same notice and forwarded a copy to me.
Unlike LinkedIn, however, Amazon has yet to post a notice confirming that it’s taken this step. It should: Phishing e-mails will probably adopt this theme as a lure, and the good guys can easily set themselves apart from the bad by saying in public, “Yes, we’re sending those messages.” Amazon spokeswoman Mary Osako wrote that the company did send those e-mails to “some customers” but did not give a number.
Read more here…
