In the online community of the Spiegel the magazine said that a security vulnerability may have disclosed usernames and email addresses. On August 2nd there was an unspecified security incident involving the community software “Talk”. This made it possible to assign the email address and user name in the Spiegel forum.
the Spiegel writes about the incident: “We were able to close the security gap after a few hours. Nevertheless, it cannot be ruled out that attackers have stolen e-mail addresses and usernames.”
Precaution: Random usernames
To prevent usernames from being assigned, Spiegel replaced them with random combinations of letters and numbers.
(Image: screenshot)
An attacker could assign the origin of comments by assigning a real e-mail address and the user name in the forum. Anyone who wrote under a pseudonym but used their real email address could be assigned. If you are concerned about this, you can delete all of the contributions you have made in the forum profile at the push of a button.
the Spiegel changed the username due to the possible data leak in order to make the assignment impossible for a potential attacker. The forum now has a series of letters and numbers instead of the old community names. It stays that way until you change the profile again.
In order not to be dependent on the operator of a website for pseudonymization, random e-mail addresses that forward to the real e-mail address or a separate pseudonymous e-mail address can help. This should make the assignment even more difficult and the pseudonymity should be preserved.
(how)
