Amazon denies that it was hit by a DDoS attack, as Gawker is hit and over a million users passwords are leaked

News by Dan Raywood

Amazon has denied that it was hit by a distributed denial-of-service (DDoS) attack, claiming that a hardware issue was the cause of its European sites to be down.

Amazon has denied that it was hit by a distributed denial-of-service (DDoS) attack claiming that a hardware issue was the cause of its European sites to be down.

Reports and rumours surfaced online last night, claiming that Amazon was down due to an attack. Media reports claimed that Amazon's websites within Europe were taken offline for around three-quarters of an hour on Sunday evening.

Amazon bowed to political pressure and halted its hosting of WikiLeaks on 1st December, leading to a failed attempt to take Amazon offline by the Anonymous group, who succeeded in taking down MasterCard, PayPal and Visa websites last week.

A spokeswoman for Amazon told Reuters: “The brief interruption to our European retail sites earlier today was due to hardware failure in our European data centre network and not the result of a DDoS attempt.”

No comment is available from the Anonymous group due to its Twitter accounts (@anonopsnet, @AnonyWatcher and @Anon_Operation) currently being suspended.

Elsewhere the Gawker website was hacked, with 1.3 million password files stolen, including 540,000 that included an email address.

According to, the responsible party has no affiliation with Anonymous or others, although the data did end up on 4Chansite later. Scott Kidder, director of editorial operations at Gawker Media, later confirmed that database data was indeed accessed by an unauthorised party and encouraged registered members on any of Gawker Media's web properties to change their passwords with immediate effect.

An internal email to all Gawker staff said: “Our user databases do indeed appear to have been compromised. The passwords were encrypted, but simple ones may be vulnerable to a brute-force attack. You should change the password on Gawker (GED/commenting system) and on any other sites on which you've used the same passwords.

“Out of an abundance of caution, you should also change your company email password and any passwords that may have appeared in your email messages. We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us.”

The leak has also led to a widespread spam campaign on Twitter, with the passwords posted on sites such as The Pirate Bay. According to Sophos, hundreds of thousands of Twitter accounts appear to have been compromised by hackers, who have spread spam promoting an Acai Berry diet. 

According to Del Harvey, Twitter's director of trust and safety, the messages seem to have been posted from accounts where users were using the same password on both Twitter and Gawker.

Graham Cluley, senior technology consultant at Sophos, said: “The key issue here is that too many users, as much as a third, are still using the same password for every website they access. Once one password has been compromised, it's only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain.”

Cluley also notes that a second teenager had been arrested by police in the Netherlands in relation to the DDoS attacks. The high tech national crime team announced the arrest on Saturday of a 19-year-old man from Hoogezand-Sappemeer for the attack on the website of the Public Prosecutor on Friday.

It said: "From behind his computer, the man used hacker software to flood the website of the prosecutor's office with as much digital traffic as possible. Investigations by the National Police Services Agency showed that the man, who was active under the internet nickname Awinee, urged other internet users to participate in the attack.”

Sophos detected that his real name is Martijn Gonlag and he was traced after using DDoS software that did not hide the IP address of the computer involved.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews