Cyber Incident Victim: Mumsnet

On August 19, 2015, the parenting website Mumsnet experienced a distributed denial of service (DDoS) attack that overwhelmed its servers with excessive access requests, forcing the platform temporarily offline. Concurrently, co-founder Justine Roberts became the target of a 'swatting' attack, where an anonymous individual falsely reported a gunman at her residence, prompting an armed police response team to arrive at her home. A Twitter account using the handle @DadSecurity claimed responsibility for both incidents, posting messages including "RIP Mumsnet" and "Our DDoS attacks are keeping you offline," accompanied by an image of a SWAT team. The same group targeted a Mumsnet user who had interacted with @DadSecurity, subjecting them to a similar swatting incident. Twitter subsequently suspended the @DadSecurity account following these events. Mumsnet confirmed the attacks disrupted service but provided no evidence of compromised user data beyond the DDoS disruption.

Mumsnet stated it does not collect residential addresses, raising unresolved questions about how the attackers located both Roberts and the targeted user. The company emphasized that user passwords remained encrypted but speculated attackers might have created a fraudulent Mumsnet login page to harvest credentials, enabling unauthorized site access. Roberts publicly documented the swatting incident on the platform, confirming the police response occurred but providing no further details about operational restoration timelines or forensic findings. The motivation behind @DadSecurity’s actions remained unclear, with no additional claims or communications from the group following their account suspension. Service interruptions were confined to the DDoS period, with no subsequent reports of prolonged downtime or data breaches directly attributed to the incident.