The hacking group says it attacked Forbes because the publication’s “hate for Syria is very clear and flagrant in their articles.”
February 14, 2014 9:53 AM PST
The Syrian Electronic Army has attacked Forbes, stealing user data and posting fake stories to its Web site.
The hacking group announced the exploit on Friday, showing several screenshots of the WordPress-based backend of the Forbes.com Web site.
The organization said in a tweet that more than 1 million user e-mails and passwords were successfully stolen and will be published at some point.
Forbes acknowledged that its Web site and publishing platform were the targets of a hack in a Facebook post on Friday.
The company said e-mail addresses may have been exposed but passwords are encrypted. Still, Forbes cautioned readers and contributors to change their passwords as a precaution:
Security message: Forbes.com was targeted in a digital attack and our publishing platform was compromised. Users’ email addresses may have been exposed.
The passwords were encrypted, but as a precaution, we strongly encourage Forbes readers and contributors to change their passwords on our system, and encourage them to change them on other websites if they use the same password elsewhere. We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach.
Kickstarter hacked, user data stolen
Hackers hit Tesco as over 2,200 accounts compromised
Snapchat hack spams users with smoothie photos
Dos and don’ts of Internet safety
Sochi hack report ‘fraudulent,’ security researcher charges
IBTimes, which earlier reported on the story, talked to a spokesperson for the SEA, who said the attacks are based in its belief that Forbes’ “hate for Syria is very clear and flagrant in their articles.”
In addition to stealing usernames, the Syrian Electronic Army posted an article on the site entitled “Hacked by the Syrian Electronic Army.” That article has since been taken down, and there don’t appear to be any other posts on the site that have come from the Syrian Electronic Army.
The Syrian Electronic Army is one of the more active hacking groups. Last year, the organization hacked into Viber’s database, hijacked a Thomson Reuters Twitter feed, and took aim at both the Onion and BBC Twitter accounts. Earlier this year, the group also broke into several Microsoft Twitter accounts.
Update, 3:42 p.m. PT: Added statement from Forbes.