So after discovering sometime this past weekend that a security breach had taken place on their servers which compromised the usernames and passwords for the comment accounts on many of the Gawker Media sites they finally sent an email late Monday evening US EST telling users about the issue.
This weekend we discovered that Gawker Media’s servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name and password associated with your comment account were released on the internet. If you’re a commenter on any of our sites, you probably have several questions.
We understand how important trust is on the internet, and we’re deeply sorry for and embarrassed about this breach of security. Right now we are working around the clock to improve security moving forward. We’re also committed to communicating openly and frequently with you to make sure you understand what has happened, how it may or may not affect you, and what we’re doing to fix things.
This is what you should do immediately: Try to change your password in the Gawker Media Commenting System. If you used your Gawker Media password on any other web site, you should change the password on those sites as well, particularly if you used the same username or email with that site. To be safe, however, you should change the password on those accounts whether or not you were using the same username.
We’re continually updating an FAQ (http://lifehac.kr/eUBjVf) with more information and will continue to do so in the coming days and weeks.
I know tech sites covered the breach and made us aware of the issue over the weekend but why did it take Gawker so long to tell all the compromised users?