A twitter user calling himself @DadSecurity, has taken it upon himself to ‘take down’ the parenting site, telling owners: ‘RIP Mumsnet.’
But the hacker isn’t merely collection emails and passwords.
In a chilling twist, ‘Dad Security’ seems intent on a practice called ’swatting’ - and illegal activity where the hacker calls a swat team to the victim’s address, where no crime is actually taking place.
Usually in the middle of the night, the call will be made telling swat teams to descend on a family home, where they will wake the occupants, leaving them shocked and shaken.
Mumsnet worker Justine warned members of this practice, which happened to her just last week.
‘An armed response team turned up at my house last week in the middle of the night, after reports of an armed man prowling around. A Mumsnet user who engaged with @DadSecurity on Twitter was warned to "prepare to be swatted by the best" in a tweet that included a picture of a swat team, after which police arrived at her house in the middle of the night following a report of gunshots.’
‘Needless to say, she and her young family were pretty shaken up. It’s worth saying that we believe these addresses were not gained directly from any Mumsnet hack as we don’t collect addresses. The police are investigating both instances.’
If you use Mumsnet, and are worried about what’s happened since the hack, this is the advice the site gives.
‘We take great care to protect the information you give us and not to ask for or store any more information than we need to run the site, but though we can’t know how many accounts have been affected, there have been enough breaches for us to ask all Mumsnet users to change their passwords. As a result, you’ll no longer be able to log in to Mumsnet with your current password, and will need to create a new one, here.
‘This will mean that any passwords the hacker has been able to harvest up to this point will be useless. We are looking into what we can do to strengthen our defences against phishing, but in the meantime we need to ask you to be vigilant, and to check the URL of the login page for the foreseeable future. The correct URL is www.mumsnet.com/session/login and it reads https:// rather than http:// at the beginning. We will place a warning on the login page reminding you to do this.
‘Alternatively use the social login option (ie Facebook/Google) as then you won’t be required to enter a password. And if you log into any other sites using the same password as you use on Mumsnet, it makes sense to change your password on those sites, too.’