Syrian Electronic Army hacks Forbes, steals and dumps employee and user data
So by now, regular readers will likely have already heard that the Syrian Electronic Army (SEA) hacked Forbes.com to express their displeasure with Forbes’ reporting on their activities, and what they perceive as Forbes’ antipathy towards Syria.
The attack was announced through their Twitter account, with the hacktivists claiming to have acquired more than one million email addresses and passwords from Forbe’s WordPress platform.
The data were dumped yesterday, although the pastes are no longer available at their original urls.
— SyrianElectronicArmy (@Official_SEA16) February 14, 2014
The image shows one entry from the table:
The leaked data contains Users login details including username, email and passwords, while the passwords are in encrypted format used by the wordpress websites. though the encryption is not too difficult to crack for someone having basic information over the “hashes” types and decryption procedure.
it looks like The leaked data contains login details of admin, Authors, other officials of forbes and large part comes from readers.
In a statement on Facebook responding to the attack, Forbes writes:
Security message: Forbes.com was targeted in a digital attack and our publishing platform was compromised. Users’ email addresses may have been exposed. The passwords were encrypted, but as a precaution, we strongly encourage Forbes readers and contributors to change their passwords on our system, and encourage them to change them on other websites if they use the same password elsewhere. We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach.