14 DAY TRIAL // On or after March 8, the systems of PR Newswire, the popular press release distribution service, were hacked. The attackers managed to steal the usernames and encrypted passwords of customers who uploaded news releases on the website.
According to Brian Krebs, the cybercriminals uploaded the stolen data to the same server where the source code for several Adobe products was found recently. This might indicate that the same group of hackers is behind both attacks.
After seeing the data, PR Newswire confirmed that it was stolen from their systems. The company has launched an investigation and it’s in the process of notifying impacted customers. Law enforcement has also been called in to investigate the incident.
The usernames and passwords appear to belong to users from India, Europe, Africa and the Middle East. The passwords of the customers whose details are stored in the hacked database are being reset.
So far, there’s no evidence that the stolen data has been misused, but if it had been, the effects could have been devastating.
“It’s unsettling to imaging the possible outcomes if the stolen data fell into the hands of any groups that are trying to affect political and economic stability,” said Alec Holden, the CISO of Hold Security and the one who helped Krebs with analyzing the leaked data.
“Misleading PR statements on behalf of major companies could disrupt stock markets, injure a company’s reputation, and affect consumers,” he added.
This is particularly true considering that PR Newswire’s customers are major PR firms and several Fortune 1000 companies.
Interestingly, last week, Swedish press-release distributor Cision AB published a fake release that caused the shares of two biometric companies to soar, Bloomberg reported.
However, PR Newswire representatives say there’s no evidence that the data leaked from them has anything to do with the incident.
“PR Newswire has protocols and redundancies in place that are designed to minimize the risk of distributing fraudulent press releases, including both technological and human safeguards prior to issuing any release,” the company told Krebs.
“The database contains approximately 10,000 records; however, there is only a minority of active users on this database. Those users represent an even smaller number of customers, as each customer generally has multiple usernames.”