Several major U.S. news sites were hacked over the weekend and more than 200 000 user data and passwords are now beeing spread on various file sharing networks. It was the the U.S. media company, Gawker, that was was targeted this weekend by a series of hacker attacks against several of their websites. The websites affected include Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot.

According to PCWorld, a group named “Gnosis” has claimed credit for the attack:

The compromised information is now available in a 487 MB file, which can be downloaded from peer-to-peer networks using a torrent now indexed on The Pirate Bay. Other information in the file includes something called “gawker_redesign_beta.jpg” as well as Gawker’s server kernel versions.

In the torrent release notes, Gnosis said “So, here we are again with a monster release of ownage and data droppage. Previous attacks against the target were mocked, so we came along and raised the bar a little.”

The information released includes only email address and passwords. But since many users tend to use the same password for multiple services, it is very possible that many user accounts on other services is also at risk.

“We’re deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us.”, Gawker writes in a message on its website.

Gawker has also urged all users who have registered at any of the affected sites to immediately change their passwords if they use the same password on other services. Lifehacker has created a step by step tutorial on their website.

Those who linked their Twitter or Facebook accounts with Gawker do not have to worry about their passwords, as Gawker does not store those passwords.

(via IDG News)