14 DAY TRIAL // Writerspace has come forth as one of the sources for the email credentials leaked by LulzSec and started the process of notifying its affected members.
Dating back to 1998, Writerspace is a place for writers and readers to communicate with each other. According to the website, it is currently the online home of over 550 authors.
"Today an anonymous group of hackers known as LulzSec posted a list of 62,000 e-mail addresses and passwords. That list included about 12,000 e-mail addresses and passwords from Writerspace members," the website announced.
The company claims that regardless how secure a system is, someone determined enough can probably find a way in. To suggest that LulzSec is more than an average group of hackers, Writerspace points out that they broke into the CIA and US Senate websites last week.
That is not entirely true, as LulzSec only DDoSed cia.gov and didn't break into it to steal anything. It did extract information from senate.gov though.
"Our techs are working to insure that our server is as secure as possible," the company stresses. However, the fact that LulzSec was able to obtain passwords in plain text suggests that either they were stored in a completely insecure manner or that a weak hashing algorithm was used.
The company advises its members about secure password practices. This includes changing them regularly, using separate ones for different websites and using uppercase, lowercase and special characters.
Users are strongly advised to change their passwords on all accounts where they might have used them, because the credentials exposed by LulzSec continue to be abused online.
There are reports of some credentials being used to break into the victims' PayPal accounts, impersonating them online and damaging their web properties.
