IDG News Service - The Washington Post has alerted job seekers who use its employment pages of a data breach that compromised up to 1.27 million accounts.
The publisher wrote on its website that the "Jobs" section was attacked by an "unauthorized third party" once on June 27 and once on June 28. The attackers obtained user IDs and e-mail addresses, but did not get passwords or other personal information.
"We are taking this incident very seriously," the Washington Post said. "We quickly identified the vulnerability and shut it down, and are pursuing the matter with law enforcement. We sincerely apologize for this inconvenience."
The attacks on the Washington Post follow a string of well-publicized hacking incidents affecting business and government websites from groups such as Anonymous and the now-disbanded Lulz Security, both of which struck high-profile organizations and have released sensitive data.
The Washington Post warned that users whose data was compromised could receive spam. E-mail addresses -- while commonly publicly disseminated -- are particularly useful for hackers since they can craft targeted messages with links leading to websites that could infect victim's computers with malicious software.
The publisher said it had implemented security measures to prevent such an attack in the future and is also auditing the Jobs site for other possible security issues.
Send news tips and comments to firstname.lastname@example.org
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!