Financial News

  • 15 April 2014, 11:12

Mumsnet Hacked In Heartbleed Bug Attack

Parenting website Mumsnet has said users' data has been stolen by hackers using the Heartbleed bug.

Mumsnet founder Justine Roberts said in a statement that a recommended fix was applied immediately after the bug was discovered last week.

However, she said there was no way of knowing how many users had already been affected by the security breach.

"It became apparent that users' data submitted via our login page had been accessed prior to our applying this fix," she said.

"We have no way of knowing which or how many accounts were affected but have advised users to change passwords."

Mumsnet's 1.5 million users were sent an email on Saturday urging them to reset their passwords, not only on the Mumsnet site, but on other sites where they may have used the same password.

The email said: "We know this has been an enormous pain in the rear end for some of you, and we're really sorry about that."

The existence of the bug, considered one of the greatest ever threats to internet security, became public last week.

It was revealed that hackers were able to exploit a flaw in the widely-used web encryption programme OpenSSL.

The software is used to protect data including passwords and credit card numbers.

Canada's tax-collection agency said that private information from some 900 people had been stolen from its systems.

Despite blocking access to its site for several days while it addressed the fix, the Canada Revenue Agency said social insurance numbers were stolen during a six-hour period.

It is thought the vulnerability may have existed for around two years - when the flawed version of OpenSSL was released.

More than half of websites use various versions of the software. The extent of the damage is unclear.

Advertisement