The news release service wasn't a random target as initially believed

Oct 17, 2013 13:58 GMT  ·  By

We have recently learned that press release distribution service PR Newswire suffered a breach earlier this year. Brian Krebs and Hold Security have been investigating the attack which they believe was launched by the same cybercriminals that targeted Adobe and several major American data brokers.

Initially, it was believed that PR Newswire was breached sometime in March. However, according to Hold Security, new evidence shows that on February 13, 2013, a large-scale attack was launched against the company.

“There is evidence, dated February 13, 2013, of a large-scale attack targeting PR Newswire’s multiple networks hitting over 2,000 IP addresses using ColdFusion exploits,” Hold Security noted in an update to its news release.

“The attack was sourced from a different server also used by the same group of hackers. If this attack resulted in a breach, it is possible that the hackers had access to PR Newswire infrastructure longer than previously thought.”

This shows that the company wasn’t a random target for the hackers, as it was initially believed.