The British website for pop sensation Lady Gaga has been hacked, it's official. The website was targeted by the US SwagSec hacking group it would appear, a group which has a track record (if you'll excuse the pun) of hacking the official websites of pop stars having already hit Justin Bieber and Amy Winehouse to name but two. Universal Music has now confirmed that part of a database was copied and the names and email address records of Lady Gaga fans accessed. The record label was at pains to point out that no passwords or credit card data was stolen. Although precise numbers are not known, it is thought that thousands of fans have had their personal information accessed by the hackers. SwagSec hackers also, according to a number of reports, issued a death threat against Lady Gaga.
Universal Music has now notified all the fans who might have been affected by the security breach, and have issued assurances that security will be beefed up to prevent any repeat of the incident. John Stock, a senior security consultant at vulnerability management specialist Outpost24, however, insists that there must be "some red faces in the Haus of Gaga" and warns that while no financial data may have been taken on this occasion "the potential consequences are still extensive". Not least, as Rob Rachwald, Director of Security Strategy at Imperva notes "it's a safe bet that Lady Gaga fans are getting fraudulent email messages offering exclusive Lady Gaga videos, pictures and music. But instead, they're clicking on malware and becoming part of a bot army".
I'm a hacker turned writer and consultant, specialising in IT security. I've been a freelance word punk for over 20 years and along the way I have seen 23 of my books published, produced and presented programmes for TV and radio, picked up a bunch of awards and continue being a contributing editor with PC Pro - the best selling IT magazine in the UK .