Washington Post's job website hacked

1:10:00 AM

Washington Post's job website hacked
07/08/2011 | 09:20 AM

Hackers broke into a job-related site of The Washington Post newspaper in late June, gaining access to some user data.

The Washington Post said it has asked law enforcement to look into the hack into its Jobs site, even as it apologized for the inconvenience caused by the incident.

"We discovered that an unauthorized third party attacked our Jobs website and was able to obtain access to certain user IDs and e-mail addresses. No passwords or other personal information was affected. We are taking this incident very seriously. We quickly identified the vulnerability and shut it down, and are pursuing the matter with law enforcement. We sincerely apologize for this inconvenience," it said.

The Washington Post said "roughly 1.27 million user IDs and e-mail addresses" may have been "impacted" due to the attack.

It said the attack occurred at least twice, on June 27 and on June 28.

While users' data remain secure, it said some of the affected users may expect to get spam email following the hack.

"Users whose e-mail addresses were accessed may receive some unsolicited emails (SPAM) as a result. Their Jobs accounts remain secure," it said.

For now, the Washington Post said it has implemented additional measures to prevent against a similar attack in the future.

"In addition, we are conducting a thorough audit of the security of the Jobs site," it said.

It also advised users to be wary of unsolicited emails and not to respond to or click any links in such e-mails.

"Avoid giving personal or financial information in an email, especially credit card information, bank account information, passwords and ID numbers. (Washington Post Jobs will never ask you for your password or sensitive personal information over e-mail)," it said.

A separate story on PC Magazine said the Washington Post disclosed the attack on Thursday.

It noted the security breach is the latest in a series of high-profile and seemingly random cyber-attacks on corporate and government properties.

Media organizations like the Twitter account of FoxNews.com and the website of Public Broadcasting Service had not been spared from the attacks.

"But unlike recent attacks carried out by 'hacktivists' like Anonymous and LulzSec that seem politically motivated and even prank-like, the Post intrusion may have been the work of traditional profit-motivated cybercriminals, if the paper’s contention that collecting email addresses to spam was the motive," the PC Mag article said. — Source: RSJ, GMA News

You Might Also Like