Threatwatch

Attackers grab Washington Post employee IDs from corporate servers

Cyber espionage; Network intrusion; Stolen credentials

The hackers gained access to employee user names and passwords, in at least the third intrusion during the past three years.

The passwords were encrypted. The Post claims there is no evidence that subscriber information was affected.

Company officials learned of the breach on Dec. 18 from Mandiant, a cybersecurity contractor that monitors the Post’s networks. The incident lasted a few days at most.

This strike began with the infiltration of a server used by the Post’s foreign staff and then spread to other company servers before being discovered.

“The company’s suspicions immediately focused on the possibility that Chinese hackers were responsible for the hack. Evidence strongly pointed to Chinese hackers in the earlier intrusion of the Post’s network, discovered in 2011, and in hacks against the New York Times, the Wall Street Journal and a wide range of Washington-based institutions, from think tanks to human rights groups and defense contractors,” the Post reports.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

sector

Media

reported

December 18, 2013

reported by

Washington Post

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

December 2013