Over the past weekend, a hacker managed to gain unauthorized access to the databases of Skeptical Science, a site that focuses its efforts on the issue of global warming, addressing climate enthusiasts in more than 20 languages.
According to John Cook, the creator and administrator of Skeptical Science, the entire user database was archived and uploaded to a Russian website.
“Access to the full database (which includes private details) is restricted only to myself and I am the only one with access to all of the raw data - this fact alone indicates that this breach of privacy came in the form of an external hack rather than from within Skeptical Science itself,” Cook wrote.
It turns out that IP addresses, email addresses and encrypted passwords ended up being published online.
It’s uncertain at this time if the hacker managed to decrypt the passwords, but as a precaution customers are being advised to change them.
“Rest assured, we are working hard to upgrade Skeptical Science's security in order to more robustly protect users' private details. We are also in the process of soliciting legal advice on these matters and contacting the appropriate authorities,” Cook explained.
“We all believe that protecting the privacy of individuals is of the utmost importance and we would hope that all illegally obtained documents and files are removed from uploaded servers and disposed of,” he concluded.
Environment and climate-related websites have become a tempting target for hackers, especially sites that store large amounts of data.
However, in this case, it shouldn’t surprise anyone if the incident is a result of an operation launched by a hacker who just wants to test his skills on websites that have a lot of customers.
Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile.