Three strikes in three years. The Washington Post said its servers have been hacked once again with the intruders gaining access to its employees' names and passwords. The publication learned of the incident from its cybersecurity contractor Mandiant that claimed it was just a brief attack.
The publication is zeroing on the possibility that Chinese hackers were again responsible for the incursion. To recall, Chinese hackers were also the primary suspects during hacking incidents of the network of The Washington Post, New York Times, and Wall Street Journal in 2011. Several institutions in Washington were also hacked the same year.
In August this year, members of the Syrian Electronic Army supporting Syrian President Bashar al-Assad was successful in redirecting readers of washingtonpost.com to their website. The same group was believed to be responsible for phishing attacks that tried to mislead journalists of The Washington Post to send their log-in information.
The latest attack might have started with a server utilized by the foreign staff of the publication and eventually spilled over to other servers of The Washington Post. The extent of the hacking is still being looked into but according to the report, the perpetrators were not able to hack into sensitive information such as subscriber information, home address or credit card numbers. There was also no evidence that they were able to get into the publishing system of The Washington Post or peek into personal information of its employees.
"This is an ongoing investigation, but we believe it was a few days at most," Washington Post spokesperson Kris Coratti said.
As a precaution, The Washington Post has instructed its employees to change their passwords in case the intruders find a way to decode any encrypted information the cybercriminals have in possession.
Mandiant is said to be the go-to cybersecurity experts of about a third of the Fortune 100 companies. According to a report by Bloomberg Businessweek, its 2012 earnings hit the $100 million mark.
"The fact that you can do this from a safe harbor thousands of miles away with no risk or repercussions has changed the game," said Kevin Mandia in an interview with the Bloomberg Businessweek in February, a period when some hackers believed to be from the Chinese government, had intruded into servers of some news organizations.