It’s happened again. For the third time in the past three years, the servers that help run The Washington Post’s web presence have been hacked. According to the publication, hackers gained access to the user names and passwords of its employees.
The extent of the damage in unknown, but The Washington Post asked all employees to switch their user names and passwords as a precautionary measure. Though employee passwords are protected by encryption, the statement notes that cyber criminals have at times shown the ability to crack encrypted passwords.
According to Kris Coratti, a representative for The Washington Post, the attacks occurred over the course of days. Here’s what Coratti had to say.
“This is an ongoing investigation, but we believe it was a few days at most.”
Fortunately, there doesn’t seem to be any indication that consumer data, including credit card information or addresses, were exposed as a result of the attacks. There also don’t appear to be any signs that the infiltrators were able to attain employee personal information, access to emails or the site’s publishing apparatus.
The Washington Post officials stated that the attacks originated from a server used by company staff located outside of the U.S. The most recent attack before this new hit occurred in August, when Syrian Electronic Army hackers were able to redirect people who visited The Washington Post’s site, to their own web page.
It’ll be interesting to see whether The Washington Post can fend off future attacks, and what conclusions will be made once investigations are concluded and concrete findings are presented.