Skip to main content

Washington Post servers breached by hackers

The Washington Post has revealed that it was the victim of a security breach recently.

According to a story posted on the newspaper's website, hackers targeted Washington Post servers and accessed employee logins and passwords. Workers are being asked to change their passwords.

The Post said the extent of the breach is not yet clear, though it does not look like subscriber data, including credit card information, was stolen. It also does not seem to be the case that the hackers were able to access the paper's online publishing or email system.

The report suggested that Chinese hackers might be responsible, since the attack originated in a server used by foreign staffers. Earlier this year, the New York Times was also targeted by Chinese hackers.

Over the summer, The Washington Post was hit by the Syrian Electronic Army and visitors were redirected to the hackers' website. In that case, the SEA used a phishing scam to gain entry into the Post's system. "The attack resulted in one staff writer's personal Twitter account being used to send out a Syrian Electronic Army message," the Post said at the time. "For 30 minutes this morning, some articles on our website were redirected to the Syrian Electronic Army's site.

The SEA also hit the Times in August, knocking its website offline.

The Post said this most recent hack is the third in three years. Back in 2011, hackers broke into the Post's Jobs website, stealing about 1.27 million user IDs and email addresses.