14 DAY TRIAL // The Washington Post has been hacked once again. If we include this latest breach, the media organization’s servers have been compromised at least three times over the past three years.
The Washington Post revealed that the attackers gained access to employee usernames and passwords, but the full extent of the breach has not been determined yet. While the passwords are encrypted, the company doesn’t appear too confident that the hackers can’t crack them.
That’s why all employees will be asked to change their usernames and passwords to make sure the information cannot be misused.
On the other hand, officials say they haven’t found any evidence to suggest that the details of subscribers, publishing systems, emails, or other sensitive employee information has been compromised.
The breach was discovered by Mandiant, the IT security that’s responsible for securing The Washington Post’s networks. The intrusion, which appears to have started at a server used by The Post’s foreign staff, is said to have lasted “a few days at most.”
Similar to an earlier attack, when several major media organizations had been targeted, Chinese hackers are the main suspects.
China has often denied being involved in cyberattacks against major US organizations. At the beginning of 2013, the country’s officials claimed they had nothing to do with the attacks against The New York Time and The Wall Street Journal.
Earlier this year, the Syrian Electronic Army managed to redirect the visitors of certain Washington Post articles to the group’s own website after hacking the systems of content recommendation service Outbrain.
The Post also believes the pro-Assad group had targeted the company’s employees with spear phishing emails designed to trick them into handing over their login credentials.