Acai Berries are back! Well, they are if you are if you have ever registered with a Gawker Media site such as Gizmodo or Lifehacker. This past weekend 1.3 million people had their passwords and email addresses taken from Gawker’s servers and then used to launch a Twitter-based spam campaign for a number of AcaiNewsx.com websites. And it all came about as the result of the over-sized ego of an idiot publisher. Find out who and how after the jump.

The story began back in July when Gawker ran a couple of stories that were critical of 4Chan, the wild and crazy home of the Anonymous group of hackers that has at various times campaigned against Scientology, hacked Sarah Palin’s email account, and just last week brought down the Visa and Mastercard sites in support of WikiLeaks.

In response to the posts on Gawker, 4Chan mounted a half-hearted attack on the Gawker servers which in turn resulted in a self-congratulatory post by Gawker’s boss, Nick Denton.

In his piece, Nick decided to escalate the row, taunting the 4Chaners and calling them “sad”, a “troll hive” and “dumb”. His post finished with the come-and-get-me challenge: “And if any of you sad 4chaners have a problem with that, you know how to reach me (my email address is spelled n-i-c-k at g-a-w-k-e-r dot com).” Picking a fight with 4Chan is not generally regarded as a good idea unless you are a publicity-hungry publisher looking for attention.

After months of biding their time, this past weekend a group of hackers found their way into the Gawker servers and stole the email addresses and passwords of 1.3 million users together with the CMS and source code of the Gawker Media websites. Things then spiralled out of control very fast.

First, Gawker denied the security breach. On Sunday their director of editorial operations, Scott Kidder tweeted: “There’s no evidence to suggest any Gawker user accounts were compromised, and passwords encrypted/not stored in plain text anyway.” He was wrong on all counts.

Within hours Gawker’s user database was available for download on BitTorrent and The Pirate Bay by anyone who wanted it. Then it became apparent that Gawker had been using an outdated encryption system that was compromised years ago. In less than a day, more than 250,000 passwords were cracked and scammers were trying them out on hundreds of other websites to see if users had used them multiple times. Finally, on Monday, the inevitable happened: a quick-hit Twitter-spam campaign to the lucky Gawker user base. A number of domains were involved including acainews7 dot com and acainews2 dot com. The sites all seem to be down already and the FBI are investigating. Good times.