Jump to content

Hackers break into Washington Post servers


Reefa

Recommended Posts

press_logo_washington_post.jpg

Hackers broke into The Washington Post’s servers and gained access to employee user names and passwords, marking at least the third intrusion over the past three years, company officials said Wednesday.

The extent of the loss of company data was not immediately clear, although officials planned to ask all employees to change their user names and passwords on the assumption that many or all of them may have been compromised. Although company passwords are stored in encrypted form, hackers in some cases have shown the ability to decode such information.

Post officials, who on Wednesday learned of the intrusion from Mandiant, a cybersecurity contractor that monitors the company’s networks, said the intrusion was of relatively short duration.

“This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti.

Officials said they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to the Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers.

The company’s suspicions immediately focused on the possibility that Chinese hackers were responsible for the hack. Evidence strongly pointed to Chinese hackers in the earlier intrusion of the Post’s network, discovered in 2011, and in hacks against the New York Times, the Wall Street Journal and a wide range of Washington-based institutions, from think tanks to human rights groups and defense contractors.

This more-recent hack, Post officials said, began with an intrusion into a server used by the Post’s foreign staff but eventually spread to other company servers before being discovered.

In August, the Syrian Electronic Army briefly succeeded in redirecting readers of articles on washingtonpost.com to its own Web site. The organization supports Assad, who has led a long, bloody campaign to crush a rebellion in Syria.

The Syrian Electronic Army was also suspected in a “phishing” attack aimed at securing the log-in information of the e-mail accounts of Post journalists. The source of the attack sent e-mails to Post employees that appeared to emanate from colleagues. The e-mails directed recipients to click a link and provide log-in data. That information could have been used by an outside source to gain unauthorized access to the company’s computer network.

Source:http://www.washingtonpost.com/business/technology/hackers-break-into-washington-post-servers/2013/12/18/dff8c362-682c-11e3-8b5b-a77187b716a3_story.html

Link to comment
Share on other sites


  • Replies 5
  • Views 1.6k
  • Created
  • Last Reply

Top Posters In This Topic

  • demoneye

    2

  • janedoe

    2

  • nIGHT

    1

  • Reefa

    1

Top Posters In This Topic

What purpose do they have to hack a news agency? :think:

Is it an individual/group citizen act or a gov't intrusion spy act? :rolleyes:

Edited by nIGHT
Link to comment
Share on other sites


i am 100% positive sure their servers didnt run LinuX :D

That may well be the case, but is it your contention that Linux is completely bug free, impenetrable and unhackable?

Link to comment
Share on other sites


i am 100% positive sure their servers didnt run LinuX :D

That may well be the case, but is it your contention that Linux is completely bug free, impenetrable and unhackable?

Not it doesn't , and i didn't say so ... just saying it mostly windows boxes rather than linux one B)

Link to comment
Share on other sites


Not it doesn't , and i didn't say so ... just saying it mostly windows boxes rather than linux one B)

Well "mostly" is not the same as "100%", but yes, one thing that many Windows users neglect to do is use a non-admin account by default whereas Linux requires sudo to really mess with the system. I know many badly-written Windows apps will break without admin access, but MS really should make non-admin accounts the default in a new installation (even though an admin account now is not a true Administrator, but still).

Link to comment
Share on other sites


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...