Reefa Posted December 19, 2013 Share Posted December 19, 2013 Hackers broke into The Washington Post’s servers and gained access to employee user names and passwords, marking at least the third intrusion over the past three years, company officials said Wednesday.The extent of the loss of company data was not immediately clear, although officials planned to ask all employees to change their user names and passwords on the assumption that many or all of them may have been compromised. Although company passwords are stored in encrypted form, hackers in some cases have shown the ability to decode such information.Post officials, who on Wednesday learned of the intrusion from Mandiant, a cybersecurity contractor that monitors the company’s networks, said the intrusion was of relatively short duration.“This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti.Officials said they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to the Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers.The company’s suspicions immediately focused on the possibility that Chinese hackers were responsible for the hack. Evidence strongly pointed to Chinese hackers in the earlier intrusion of the Post’s network, discovered in 2011, and in hacks against the New York Times, the Wall Street Journal and a wide range of Washington-based institutions, from think tanks to human rights groups and defense contractors.This more-recent hack, Post officials said, began with an intrusion into a server used by the Post’s foreign staff but eventually spread to other company servers before being discovered.In August, the Syrian Electronic Army briefly succeeded in redirecting readers of articles on washingtonpost.com to its own Web site. The organization supports Assad, who has led a long, bloody campaign to crush a rebellion in Syria.The Syrian Electronic Army was also suspected in a “phishing” attack aimed at securing the log-in information of the e-mail accounts of Post journalists. The source of the attack sent e-mails to Post employees that appeared to emanate from colleagues. The e-mails directed recipients to click a link and provide log-in data. That information could have been used by an outside source to gain unauthorized access to the company’s computer network.Source:http://www.washingtonpost.com/business/technology/hackers-break-into-washington-post-servers/2013/12/18/dff8c362-682c-11e3-8b5b-a77187b716a3_story.html Link to comment Share on other sites More sharing options...
nIGHT Posted December 19, 2013 Share Posted December 19, 2013 (edited) What purpose do they have to hack a news agency? :think:Is it an individual/group citizen act or a gov't intrusion spy act? :rolleyes: Edited December 19, 2013 by nIGHT Link to comment Share on other sites More sharing options...
demoneye Posted December 19, 2013 Share Posted December 19, 2013 i am 100% positive sure their servers didnt run LinuX :D Link to comment Share on other sites More sharing options...
janedoe Posted December 20, 2013 Share Posted December 20, 2013 i am 100% positive sure their servers didnt run LinuX :DThat may well be the case, but is it your contention that Linux is completely bug free, impenetrable and unhackable? Link to comment Share on other sites More sharing options...
demoneye Posted December 20, 2013 Share Posted December 20, 2013 i am 100% positive sure their servers didnt run LinuX :DThat may well be the case, but is it your contention that Linux is completely bug free, impenetrable and unhackable?Not it doesn't , and i didn't say so ... just saying it mostly windows boxes rather than linux one B) Link to comment Share on other sites More sharing options...
janedoe Posted December 20, 2013 Share Posted December 20, 2013 Not it doesn't , and i didn't say so ... just saying it mostly windows boxes rather than linux one B) Well "mostly" is not the same as "100%", but yes, one thing that many Windows users neglect to do is use a non-admin account by default whereas Linux requires sudo to really mess with the system. I know many badly-written Windows apps will break without admin access, but MS really should make non-admin accounts the default in a new installation (even though an admin account now is not a true Administrator, but still). Link to comment Share on other sites More sharing options...
Recommended Posts