Mumsnet users have been advised to change their passwords after the site was taken down by a hacker last week and the founder was targeted in a swatting attack. Over the following days, a number of forum users said that posts had been made from their account but not by them. Police are investigating the incidents.
In a lengthy email sent to all registered users of the parenting website, founder Justine Roberts explained the events of the previous few days which began when the site was pushed offline overnight.
Roberts and another user were then targeted in a swatting attack, which involves sending a swat team to a target’s address. The week long attack appears to have culminated in what the site believes has been a phishing attack to harvest login passwords. The site also registers user’s postcodes, opening up the possibility of the hackers being able to locate users in the real world. Roberts explained:
“On the night of Tuesday 11 August, Mumsnet came under attack from what’s known as a denial of service (DDoS) attack. Our servers were bombarded with requests, which required our internet service provider to massively increase server capacity to cope.
“We were able to restore the site at 10am on Wednesday 12 August. Meanwhile a Twitter account, @DadSecurity, claimed responsibility, saying in various tweets “Now is the start of something wonderful”, “RIP Mumsnet”, “Nothing will be normal anymore” and “Our DDoS attacks are keeping you offline”.
“To add to the ‘fun’, it seems @DadSecurity also resorted to swatting attacks.”
Swatting, which is illegal, involves making an emergency call to the police and claiming that a crime is taking place at the house of the intended victim, in order to get the police to send out a swat team to the address.
“An armed response team turned up at my house last week in the middle of the night, after reports of an armed man prowling around,” Roberts said. “A Mumsnet user who engaged with @DadSecurity on Twitter was warned to “prepare to be swatted by the best” in a tweet that included a picture of a swat team, after which police arrived at her house in the middle of the night following a report of gunshots.
“Needless to say, she and her young family were pretty shaken up. It’s worth saying that we believe these addresses were not gained directly from any Mumsnet hack as we don’t collect addresses. The police are investigating both instances.”
By the afternoon of the 12th it had become apparent to Mumsnet staff that the hacker had managed to gain access to some of the site’s administrative functions, as they redirected the webpage to the Twitter page of @DadSecurity, which has since been removed by Twitter. They also edited posts from two users’ accounts, as well as the administrator’s forum account.
More was to come. Over the next few days, 11 forum users reported that posts had been made from their accounts unbeknownst to them. Roberts has speculated that this was done by phishing – redirecting people to an identical looking site controlled by the hacker which enables them to see passwords being typed in. Mumsnet has now asked all users to change their passwords.
This is not the first time that the site has had to ask users to change passwords. In April 2014 the site was attacked using the Heartbleed bug, which was used to access data from all users’ accounts.
The person or people behind the @DadSecurity attack have yet to be identified, and it is unclear what their motive may have been.
However Mumsnet have forged a reputation over the last few years as being the voice of Islington Yummy Mummies – a voice which it has been very happy to use at high volume and which may have made it a target.
The site takes its cue from Roberts, who founded the site in January 2000. She read PPE at Oxford, and lives with her husband Ian Katz, the former deputy editor of the Guardian and current editor of Newsnight in their Islington home. Jeremy Corbyn is the local MP.
Consequently, nestled in amongst articles on choosing the best pram or carry cot, and forum threads on choosing nurseries, is a section dedicated to feminism, where users can learn about “feminist theory”, discuss “feminist books”, indulge in “feminist activism” and even get “feminist support”.
The site also runs campaigns. This year, its annual charity appeal is on behalf of the Abortion Support Network, a group that encourages women in Ireland – both in Northern Ireland and the Republic (where abortion is illegal) – to obtain the pills that terminate pregnancy.
Anne Scanlan from pro-life charity Life said: “This organisation shows casual disdain for the law in both parts of Ireland – indeed, they appear to hold the law in contempt … it is utterly wrong for Mumsnet to be promoting such an organisation.”
Less controversially, although no less vociferously, last summer the site launched petition, signed by 56,000 of its users, demanding that Prime Ministers Questions be made more accessible and less combative. Nick Clegg, deputy PM at the time, told a Mumsnet Q&A session that the petition was “brilliant”.
The incident led James Delingpole, of this parish, to comment: “Mumsnet represents the vaguely acceptable face of a shrill, manipulative, bossy and often rather nasty neo-feminist movement whose influence can be seen everywhere.”