Parenting website, Mumsnet, suffered a cyber attack resulting in user data being stolen and armed police being deployed to its co-founder’s home.
Justine Roberts, co-founder of the site, fell victim to a ‘swatting’ prank which saw an armed response team turn up at her house in the middle of the night following a hoax call which was part of a wider attack on the parenting form.
Last week, August 11, hackers forced the site offline and redirected the homepage to a Twitter account named @DadSecurity which confirmed a Distributed Denial of Service Attack to the Mumsnet website. A series of other tweets followed including one reading “big surprise coming…” followed by “prepare to be swatted by the best”.
That night Metropolitan Police turned up at Roberts' home following a call from the hacker who told police that a gunman had been seen nearby. A second Mumsnet user who engaged with @DadSecurity on Twitter was also visited by armed police in the middle of the night, following a report of gunshots.
Shortly after the site’s outage Mumsnet locked down all access to its admin functions and reported the attack to the police. The following day the site was functioning again however Robert’s received reports over the weekend of users’ accounts making false posts, confirming that data had been stolen.
Some of the sites 7.7 million users had their passwords published online however Roberts stated that the hackers could not have accessed users address directly from the hack because Mumsnet does not hold that information.
In a statement Roberts said Mumsnet “can’t know how many accounts have been affected” and urged all users “to change their passwords”.
The site posted a statement earlier today confirming that around 3,000 usernames and passwords had been posted online and that the hacker would have had access to username, password, postcode if supplied, username history and Mumsnet inbox.