Twitter, Washington Post Were Also Hacked

The Slatest
Your News Companion by Ben Mathis-Lilley
Feb. 2 2013 10:53 AM

Twitter, Washington Post Are Latest Media Companies To Report Cyberattacks

110014362
The Twitter logo is displayed at the entrance of the company's headquarters in San Francisco

Photo by KIMIHIRO HOSHINO/AFP/Getty Images

Another day, another report of a cyberattack against a media company. Except in this case there were two. Social media giant Twitter and the Washington Post were the latest companies to reveal they, too, were victims of cyberattacks. But the Post is alone in directly stating that the attack was likely the work of Chinese hackers, just like the New York Times and Wall Street Journal did earlier in the week. Bloomberg also said it had suffered an attack but insisted its system wasn’t breached and Reuters said it was hacked twice in August, although no details were released on the source.

The Post attack was first discovered in 2011 even though the hackers likely first successfully hacked the paper’s systems as early as 2008. Sources say sensitive passwords were probably compromised, likely giving hackers access to the paper’s network before they were cut off. Several of the paper’s journalists are none too happy that the company kept this quiet, seemingly only revealing the news to its own employees after a blog run by a former Post staffer broke the news. The blog—Krebs on Security—claims National Security Agency and Defense Department experts took one of the servers for analysis, but the Post wasn’t able to confirm whether that was true. (Disclosure: Slate and the Washington Post are owned by the same parent company.)

Advertisement

For its part, Twitter revealed in a blog post that it has detected an effort to gain access to its data earlier in the week. Even though the company claims it was “able to shut it down in process moments later,” the hackers may have still stolen some data—including names, email addresses, and encrypted passwords—from around 250,000 users. The company highlighted this amounted to “only a very small percentage of our users.” The hackers likely gained access by taking advantage of compromises in an employee’s computer created by Java.

If there’s a chance you still haven’t disabled Java in your browser, read the handy guide by Slate’s Will Oremus—even Twitter recommends it.

Daniel Politi has been contributing to Slate since 2004 and wrote the "Today's Papers" column from 2006 to 2009. You can follow him on Twitter @dpoliti.

  Slate Plus
Slate Picks
Nov. 21 2014 1:38 PM What Happened at Slate This Week? See if you can keep pace with the copy desk, Slate’s most comprehensive reading team.