Thank You (Sort of) to the Guy Who Hacked My Blog

, ,

I was thinking about blogging about job hunts today. Or managing up. Or one of the hundred or so topics that are always safe to go to if you blog about careers. But I decided that I can't ignore the fact that someone hacked into my RSS feed and put a bazillion porn links at the bottom of my post about taking notes.

It would be too weird that 20,000 people received the list of porn sites and I'm not saying anything about it. So, here I am, saying something: I'm really sorry for the problem.

I want to tell you that this is the first time my blog has been hacked. But it's not. I haven't written about the hackers because I didn't want to encourage them. It's amazing to me that people take the time to mess with this blog.

But things got a little clearer now that there's porn involved. The hacking starts looking a little too close to the types of comments that I used to get on Yahoo Finance. The kind that started with the fact that I was a woman and then went on to say how stupid I am and eventually came to outrageous sexist slurs that Yahoo had to pay someone to monitor and remove.

I get asked a lot about the disparity between men and women in the workplace. In fact, just today I did an interview where I said that I do not think there is disparity. There is not disparity in paychecks. (In fact, in big cities young women make more than young men for the same work.) And the disparity that comes later in life is the result of women choosing to spend more time with their kids than the men do.

So you won't find me complaining about gender in the workplace. But I do think that the web is a different story. The anonymity brings out the sexist behavior that men know very well to hide at work.

So you'd think I'd be angry, right? But I'm not. The only time I got angry was when I couldn't find my IT guy to tell me how to fix the problem. But beyond that, I believe that most people are good and that holding grudges gets me nowhere.

So much of the career advice I give is based on the idea that you can teach yourself to be nice—even to people who hate you—and being nice is an end in itself. I really believe that. And I am not angry with the person who messed up my feed. I am mostly blown away that he would take the time to do it.

I also write a lot about community. The reason I blog is because I love the conversation, and I love how we depend on each other to show up regularly, ask good questions, and provide a reality check when it comes to the absurdities of life at work. So it shouldn't have surprised me that a lot of people sent me an email this weekend. But the amount of concern and encouragement that people showed in their emails was touching. And in a way, getting hacked makes me feel so lucky that I'm part of a community that cares. So thanks.

Oh. And also, thanks for being my test case, because I can't tell if we've fixed the feed problem until I send another post through the feed. So, here's hoping …

41 replies
  1. zak
    zak says:

    your post came through the RSS feeder without any drama.

    It’s amazing how much time people spend being destructive. . . if they just channeled their energies towards a positive end, imagine what would get accomplished. . .

  2. deb
    deb says:

    came through the feed just fine.

    way to stay upbeat and optimistic in the face of such negativity!
    all the best!

  3. Michael Cortes
    Michael Cortes says:

    I got it fine.

    I love the ‘tude (don’t get angry, be nice) because I have been working hard on keeping a positive attitude. I am starting to appreciated the value of it. It’s especially refreshing since I have been saving up my positive ‘tude for so long. Might as well start using it now.

    I will try to remember… “be nice”

  4. Jonathan E.
    Jonathan E. says:

    I saw the spam links briefly last night. I hate to break it to you, but I see no such linkage between you personally and the hack. While you may like to think someone was making this personal, they likely were not.

    I say “they” because the hack was also likely via a bot and not a single male human out to get you. If you did have to apologize (and you don’t), it would be for having a relatively easily exploited vulnerability that wasn’t bolted down.

    * * * * * *

    This makes me feel better. Thanks. Maybe all I need is a WordPress upgrade. More reason to not be angry, huh?


  5. Garrick
    Garrick says:

    Looks like you successfully removed the links.

    I love your attitude in the wake of you feed being hacked. I had this happen to me a few months ago, and I can’t say that I managed to keep a level head.

    Also, thank you for responding when I sent you a heads up email about the spam. Many bloggers as popular as you would not have bothered to respond.

    Keep up the good work.


  6. DS Dan
    DS Dan says:

    It’s far more likely that this is part of a widespread link spam attack on blogs than a sexist attack on the particular author of this blog. Never attribute to personal malice what is more likely the result of impersonal greed.


  7. Sean
    Sean says:

    Looks good! Glad you got it sorted and everything is back up and working. Thanks for actually addressing it too so I know I’m not crazy


  8. Daryl Mather
    Daryl Mather says:

    “The anonymity brings out the sexist behavior that men know very well to hide at work.”

    Thats a bit of a foul Penelope…

    * * * * * * *
    Well, hm. I’m curious, then. Do people think that men do not surpress sexist behavior? I feel like I encounter a lot of stuff online that I never see in the physical work place. But maybe I’m wrong. I wonder what people think about this…


  9. Dale
    Dale says:


    I can’t disagree with you strongly enough on the issue of disparity in the workplace.
    Perhaps in the areas of equal pay for equal work, the disparity has gone south, but is that really an all encompassing metric for gauging gender disparity or any other kind of discrimination in the workplace?

    Salaries are easy to monitor and so discrimination there is easy to spot. But what about the distribution of promotional opportunities; workplace accommodation of lifestyle needs (especially child care related issues), and sexually harassment? These issues are less tangible or indirect causes of disparity, because they impact females, but it is harder to assess their long term effects on career advancement. In my opinion, they are as prevalent as ever, and do serve to retard the progress of females and others, while making it easier for males to progress in their choosen career paths.

    I do believe that you – as we all – should be complaining about the effects of gender in the workplace, because negative influencers still exist; just as you should complain about the negative effects of race, religious orientation, sexual orientation, and the advantages of good looking people over us ugly ones:)

    It isn’t all about the money!
    Money earned isn’t the only criteria for assessing disparity, and I’d be really interested in any longitudinal studies that follow a set of males and females to determine the part that these gender based variables play in career advancement of the sexes.
    Just my two cents worth.

  10. Richard
    Richard says:

    It was blog spam as a result of an automated bot. I work in IT security and see this stuff all the time. Don’t read too much into this. It’s not alway about Penelope!!!

  11. John Miller
    John Miller says:

    +1 not a personal attack. More than likely a bot that scanned your wordpress install.

    Thanks for blogging about it though. I thought you might be working a new monetization stream. :)

  12. Penelope Trunk
    Penelope Trunk says:

    The big takeaway today is that I should have blogged about this on Friday. Then I could have found everything I need to know in the comments section and I wouldn’t have had to stress about this all weekend.

    Also, I am thinking now that once one experiences a big dose of sexist behavior — in my case, from Yahoo — one is more likely to jump to that conclusion in the future. Bad, yes. But true. I think the trick is to see it in oneself and compensate. Which maybe I’ll do next time :)


  13. kathryn
    kathryn says:

    How do you know the person who hacked your blog (or programmed an automated spambot) is a man?

  14. Bill Hansley
    Bill Hansley says:

    Hey, I’m a new (1 month) reader, and I’ve been loving everything I’ve read. I saw the porn links and didn’t think twice about it – figured right away that it was a hack by some script kiddie with too much time on his hands.

    Way to rise above and not take it personally. It’s way more about security on your rss feed than it is about you.


  15. Christy Ramon
    Christy Ramon says:

    Some men totally suppress their sexism.I wish we were a more evolved bunch of people but that simply isn’t the case.

    Hasn’t anyone else ever wondered why every macho man they’ve ever known has taken issue with women who may NOT be opinionated, may NOT be pushy, etc., but are merely smart and qualified? I always wondered about this until I finally decided that I could decide: it’s sexism. Plain and simple.

  16. Jonathan E.
    Jonathan E. says:

    One more thing: Most of the links the spambot left weren’t really sex related, at least what I saw. Google’s cache of your site now shows:

    “accutane lawyer lawyers attorney attorneys law litigation…”

    and so on. Was it a prior run-in with a male pig Accutane attorney that made you think this was a work of some sexist?

  17. ascian
    ascian says:

    There might not be a disparity in pay, but something I was really surprised to come across when I received an offer for my first graduate job was “You only got the offer because you’re a woman”, from people who I had been at university with for four years who had never shown a hint of sexism before. Sometimes I feel like I can’t win – in a male dominated industry, if a guy gets a promotion, he obviously worked hard for it, if a woman gets a promotion, it’s because she’s a woman. Really disheartening.

  18. Mark W.
    Mark W. says:

    The following text was copied from Kaspersky Lab and titled – An Analysis of Hacker Mentality – for what it’s worth.

    Why people hack is a subject which is often discussed. Some say the explanation is the same as the one given by people who climb mountains: ‘because they [computers] are out there’. Others claim that by highlighting vulnerabilities, hacking helps increase computer security. And finally, there is the explanation most often put forward: criminal intent.

    Whatever the reason, as long as computers exists there will be hackers – white hats, black hats and grey hats. And because there is no way of predicting which kind of attack (‘curiosity’ versus ‘malicious’) will hit your computer first, it is always best to be prepared for the worst.

    The truth is that in hours of a machine being connected to the Internet, somebody will scan it with an automated vulnerability probing tool, looking for ways to get in. It may be somebody who is just curious to see what is on the machine, or a white hat from the other side of the world checking to see if the computer is secure. Of course, in real life you wouldn’t want passing strangers stopping to check if your house or car were locked, and, if not, to go inside, look around, go through your possessions and leave a note saying ‘Hi, I was here, your door was open, but don’t mind me and BTW, fix your lock’. If you wouldn’t want someone to do this to your house, you wouldn’t want someone doing it to your computer. And there is no excuse for doing it to someone else’s computer either.

    Premeditated, criminal, hacking is obviously even worse. In the real world, somebody walks by, breaks your lock, gets inside, disables your alarm system, steals something or plants listening devices in your phone or surveillance equipment in your living room. If this happens you call the police, they look around, write a report, and you wait for the thieves to be caught. Unfortunately, this is a rare luxury in the computer world; the culprit may be far, far way, downloading your confidential files while sitting in his personal villa or sunbathing by his huge pool, nicely built with stolen money. Or, in a business environment, many large corporations prefer not to report hacking incidents at all, in order to protect their company image. This means that the criminals remain unpunished.

    Another hacker motivation may be hooliganism, or digital graffiti, which can be summed up as hacking into systems to cause damage. Web site defacement is a very popular form of digital graffiti and there are some hacking groups which focus on this task alone. Just as in the physical, non-cyber world, catching the hooligans is a tedious task which usually doesn’t repay the effort or resources expended.

    Whatever the reasoning, be it ‘to help others’, ‘security heads-up!’, ‘hooliganism’ or ‘criminal intent’, hacking is a phenomenon which is deeply rooted in the world of computing and will probably never die. There will always be people immature enough to abuse public resources, self-proclaimed ‘Robin Hoods’ and criminals hiding in the dark alleys of cyberspace.

  19. Robert W.
    Robert W. says:


    To be precise, your blog was not “hacked”. That would involve someone figuring out the username and password and dramatically altering it. You were simply spammed.

    This has happened to me before. It has even happened on the website of the not-for-profit organization I founded. Quite disgusting IMHO.

    One of the primary things you could do is turn on the CAPTCHA facility that I assume your blog engine must have. Without that you are susceptible to “robots” (dedicated computers) automatically putting such trash all over the Internet.

  20. Jerry Matthew
    Jerry Matthew says:

    PT –

    The RSS feed came through fine, no drama involved. I wonder if I saw part of the hack when I sent you a note a few days ago?? I thought something was wrong when the links at the bottom of your article were trashed.

    I think the computer creates the illusion of being anonymous, and therefore, allows some behaviors to come out in words or IM’s that you wouldn’t see or hear in person. I believe if you wouldn’t say it in person you shouldn’t be hiding behind a compuetr to say it.

    You will get farther with honey than you will with vinegar. You get to make 2 impressions ons people – your first and your last. Guess which one they remember?

  21. manly man
    manly man says:

    first of all, gud job on remaining clam and positive in the middle of what I would call – “disaster”

    hah.u talk of men suppressing their sexism (which I agree)
    Penelope, don’t u think that we are all gud at this (how about racism? homophobia? etc)… all those isms or fear we suppress! So in a lot of ways the picture of the world we see around is not real. We haven’t created an honest picture of the world (now its a whole new story whether we want it that way!) You just noticed a tip of the iceberg. Thought I’d share what I think while we’r at it.

    keep up the gud work.

  22. Karthick
    Karthick says:

    This was kinda funny. I read mental notes and then saw vigra links. I thought you were being funny till i saw a 100 links.

    Anyway, it’s working fine now, and great blog. I really think women who write about enjoying sex so much get hit on (no pun intended) more often. And since a geek doesn’t have the charm to do it offline, he can do something online.

  23. Meitar Moscovitz
    Meitar Moscovitz says:

    “Don’t be mean” is the credo of Kate Bornstein, a well-known gender theorist and one of my personal heroes for a whole host of reasons.

    I’m a 23-year old techie struggling to find work that doesn’t feel like selling my soul for exactly the reasons you write about: I want to work when, where, and how I want to – 9 to 5’s are not dissimilar from a death sentence for me. Some of your advice has given me the capability to negotiate a first-of-a-kind “flexible working policy” with a new employer for me, and I’m finally optimistic about what that can mean for my wellbeing in the workplace.

    Thanks for keeping on, y’know, keeping on.

  24. Shefaly
    Shefaly says:


    I agree with the comment which says you were not hacked, just bot-spammed. So a captcha would be a good idea. Captchas that use some rudimentary arithmetic will be even better ;-)

    "The anonymity brings out the sexist behavior that men know very well to hide at work.”

    Several points here.

    Yes, the anonymity on the web brings out a lot of stuff. Particularly bad remarks almost never have links and almost never have email addresses attached to them.

    But the bad behaviour is not limited to men. I routinely get rude comments from men – and from women – mainly because I write stuff that challenges many people’s idea of the world and shakes them in their comfort zones.

    It does not only bring out sexist behaviour; it brings out all else that we are “trained” to hide too – animosity based on race, religion, and other differences. Mainly because there is no punitive measure possible, apart from leaving an internet trail which is addressed best by remaining anonymous.

    Another thing the brings out is the total lack of manners. Here it is not different from the real world. Have you ever seen a boor being confronted by anyone in the real world – trains, planes, offices, restaurants? People are way too embarrassed by a boor being human to confront him/ her. Same goes here.

    And then there is bullying. In the beginning I used to get upset by rude remarks and trail people back. I found many people who are lonely – probably because they are such social basket cases – suddenly find an outlet on the web. Their resentment comes out in many forms and rude commentary of no relevance is one of them.

    But, all this assumes there was one single male (or female) sitting around doing this and alas, there was a robot – many times as efficient as a human, many times as intent-less as a human.

    Thank humans for inventing robots, eh? :-)

  25. Philippa Hammond
    Philippa Hammond says:

    My blog was also hacked recently – the little blighters seem to get everywhere. My whole site actually got taken down by Google as a result. My tech guy says it was to do with not upgrading WordPress in time.

    I also posted a blog entry about it for my readers, just to make sure nobody thought my site linked to ‘bad places’ and infected their PCs with some sort of debilitating virus.

    I like to think I dealt with the problem calmly and with grace too…perhaps it could be taken as a compliment?!!!


  26. Don B.
    Don B. says:

    I did not notice the links only that there was no comment box. Glad you got it fixed. Liked your blog about the hacker. Sorry you were stressed on the weekend. I emailed because I was confused why there was no comment box. I am glad to find out the reason I could not comment was not my idiocy.

  27. Mark W.
    Mark W. says:

    @Don B. – I also noticed that no comment box was present on the weekend and commented above to include another person’s take on hacker mentality.

    @Robert W. – I am hoping and tend to agree without knowing for sure that this blog had a spam attack. Whether it was caused by a robot or directly by a hacker there was a person or persons behind this crap. Regardless, the behavior is hideous and immature.

  28. MJ
    MJ says:

    Your information on disparity in paychecks is wrong. Misinformation makes a better soundbite, but it does not serve the truth.

  29. Peter Fletcher
    Peter Fletcher says:

    Some numb-nut helped themselves to my Twitter feed and I found a version of myself on a spoof adult dating site looking for like-minded males. Some people have zero intelligence and even less respect. Your approach of taking preventative measures whilst maintaining your dignity is admirable.

    Keep up the good work.

  30. Danielle
    Danielle says:

    LOL – I actually reported this to my RSS feed reader website… for some reason I assumed it was on their end and not yours!

    Glad to know you found it and its fixed.

  31. Don
    Don says:

    I wouldn’t disagree that sexism comes out in anonymous venues like the internet, but I don’t think this hack is an example of it. On the college campus where I work, numerous pages on our Web site were hacked in exactly the same way, and the pattern was totally random. In fact, I assumed the process was automated.

  32. Robert W.
    Robert W. says:

    Mark W: Having built sophisticated software for over 25 years, I just like the facts and correct terminology to be used – especially when it comes to my industry. For example, your use of the term “hacker” is incorrect. A hacker is a person who writes malicious software code and unleashes it on one or more computers. That’s not what happened here.

    As I stated previously, I have GREAT sympathy for Penelope. My CAPTCHA idea, if available to her, is a good first step to reducing such spammers.

  33. Mark W.
    Mark W. says:

    Robert W. – you’re right, I shouldn’t have used the term ‘hacker’ or copied the ‘hacker mentality’ thing above in hindsight. I think we can agree though there was a breech in security and Penelope’s IT guy should be able to fix it.

  34. Chris Butterworth
    Chris Butterworth says:

    Hi Penelope,

    Any way you can post the remedy? One of my blogs got spam injected last night – I got poker links instead of porn.. It only shows up in google reader, nowhere else. I’m not sure how to fix it. :(


  35. Shefaly
    Shefaly says:

    @ Robert W.:

    You say: “..A hacker is a person who writes malicious software code and unleashes it on one or more computers…”

    Since we are being pedantic about terms, may I suggest that the definition with a negative twist, that you provide, is NOT what the term ‘hacker’ means? Especially if you are a programmer.

    To most or all programmers, a hacker is a whiz programmer, who sorts complex problems and is creative – and fast – with workarounds.

    Since the 1960s, the term ‘hacker’ has been used at MIT to mean things beyond computer software e.g. all MIT pranks including the Lord of the Rings ring or the police car on the dome are called hacks. There are layers of ethics that govern hackers but by and large, the software coder community uses ‘hacker’ as a term of respect and not as a derogation.

    The negative use of the term is a media invention dating back to the 1980s. Which, if my arithmetic is right, would be when you started writing code. :-)

Comments are closed.