Skip to Main Content

Parenting site Mumsnet hit by data breach


Mumsnet has reported itself to the UK's data protection watchdog after an upgrade let people see details of other accounts. 

BC27C1E6-0987-938D-24C8EEC3B36C40D0.jpg

In a message placed on the site, it said the problem occurred between 5 and 7 February.

Accounts got mixed up if two users logged in at exactly the same time, said Mumsnet founder Justine Roberts.

No passwords were exposed in the breach and she said the site was investigating how many users had been affected.

"You've every right to expect your Mumsnet account to be secure and private," wrote Ms Roberts. "We are working urgently to discover exactly how this breach happened and to learn and improve our processes."

Early analysis suggested that at least 14 people were affected by the breach. Some of those affected sounded the alarm to Mumsnet early on 7 February that they could view other accounts.

Those affected would have been able to see information including:

  • email address
  • account details
  • posting history
  • personal messages

Mumsnet said it had now reversed the software update that caused the issue. It has also forced all users to log out so anyone still lurking in another user's account would be removed from it.

The ICO said it had received the report from Mumsnet and would be looking into the incident.

 

https://www.bbc.co.uk/news/technology-47169466