Having already targeted several big name news organizations, the Syrian Electronic Army has hit another, this time publishing a reported one million user credentials from business site Forbes.com. Re/code reports that the group posted various messages to its Twitter account claiming responsibility for the attack, sharing a screenshot of the site's publishing system and indicating it accessed a Forbes employee's accounts in order to do so. Forbes, meanwhile, has confirmed the compromise, prompting users to change their passwords and be on their guard for a potential increase in targeted phishing attacks. While passwords were hashed (not stored in plain text), they may not be safe from enterprising third parties. The site has since returned to normal, but the company says it's in contact with law enforcement to identify exactly what happened. Between this and the recent Kickstarter hack, it's been a lousy few days for database administrators.
http://t.co/0HbTuGgsU1 hacked by the Syrian Electronic Army #SEA. pic.twitter.com/SlfXYv7HUv- SyrianElectronicArmy (@Official_SEA16) February 14, 2014
@Forbes can thank @TheAlexKnapp for this hack. #SEA- SyrianElectronicArmy (@Official_SEA16) February 14, 2014