Forbes confirms that the Syrian Electronic Army has breached its publishing platform. In addition to gaining access to the company’s WordPress admin console and hijacking some Twitter accounts, the Syrian hacktivists have also gained access to readers’ information.
“Users' email addresses may have been exposed. The passwords were encrypted, but as a precaution, we strongly encourage Forbes readers and contributors to change their passwords on our system, and encourage them to change them on other websites if they use the same password elsewhere,” Forbes wrote in a statement posted on Facebook.
“We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach.”
Initially, the Syrian Electronic Army offered to sell user email addresses and passwords taken from Forbes. However, one hour later, they announced that the data would be published for free.
Two hours ago, the hackers uploaded a file containing the details of more than 1 million users, including usernames, email addresses and encrypted passwords. The information has been uploaded to what the SEA calls a “secure host.”
This probably means it will be more difficult for Forbes to remove it. The IP address of the server to which the data has been uploaded is 18.104.22.168. The server, located in the United Kingdom, was previously used by the Syrian hackers when they defaced marines.com.
Even if the passwords are encrypted, the large number of email addresses published online could still be useful to cybercriminals.
The Syrian Electronic Army has told Softpedia that they’ve attacked Forbes because of the publication’s reports about the hacker group and Syria.
The hacktivists have suggested that Forbes Social Media Editor and staff writer Alex Knapp is the one they’ve tricked into providing them with the information needed to compromise the company’s systems.
The Syrian Electronic Army has attacked numerous media organizations over the past years. However, they rarely leak user data.
Updated to clarify that there are over 1 million leaked accounts, not just 16,000. Also, the server that hosts the data is in the UK, not the UAE.