Blog site back up after hack attack
Published: 28 Oct 2002 10:11 GMT
Pyra sparked up its popular Blogger.com site again Friday after shutting it down earlier in the day in response to a hacker attack.
The hack compromised individual accounts, locking out site users from their blogs.
Pyra has taken the machine that was compromised offline and restored the Blogger site from its redundant servers, said Jason Shellen, the company's director of business development. Users whose accounts were compromised should be able to access them again, he said.
Pyra has not yet determined when the hacker first got access to Blogger accounts, but the attack appeared to have started early Friday morning, Shellen said. Pyra took down the Blogger site at around 9 am PDT, and it was offline for about two and a half hours, he said. It was brought up at about 11:25 am.
While it was down, visitors to Blogger.com were unable to access individual blogs or set up blog accounts. "Blogger is down for repairs. Please check back soon. Sorry for the inconvenience," a note on the site said.
Blogging, essentially the process of keeping an online journal of daily observations, has started to catch on with the mainstream. Celebrities, such as former "Star Trek" star Wil Wheaton, have their own blogs as well. Meanwhile, blogging has been the subject of a series of Doonesbury comic strips this week.
Blogger has been one of the more popular Web log sites. The site now has about 875,000 users who publish some 930,000 blogs, according to Shellen.
Shellen didn't know how many of those accounts had been compromised.
In postings on the Web, some Blogger customers worried about the extent of the breach. While many use the Blogger site for free, some have paid for additional services, such as ad-free blog pages and additional tools -- meaning that Pyra has their credit card information on file. Likewise, some Blogger users who publish their blogs to outside Web sites are worried that their user IDs and passwords to those sites could have been compromised also.
But Pyra believes the hack was a fairly low-level attack that didn't compromise outside accounts or credit card information, Shellen said. Credit card data, for instance, is kept on a different sever from the one that was attacked, he said.
"From what we can tell, this looks like a pretty juvenile job," Shellen said. "There's no way that (the credit card data) could have been breached."
Blogger customer Mark discovered that his account had been compromised around 6:40 PDT this morning when he was unable to log into his blog. When Mark, who asked that his last name not be used, requested that Blogger send him a new password for his account, the system instead sent the password to what he believes was the hacker's address. The Boston tech writer said he was unable to contact Blogger to alert them to the breach.
"It shows we really take security for granted after a while," he said.
Have your say instantly, and see what others have said. Go to the Security forum.
Let the editors know what you think in the Mailroom.
Did you find this article useful?
48 out of 112 people found this useful
- Share this article:
