Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Media Outlets. Show all posts

AP Stylebook Data Breach: Associated Press Warns That The Breach Led to Phishing Attacks


The Associated Press has warned of what potentially is a data breach in AP Stylebook servers, impacting their customers. Reportedly, the data has been used by the threat actors in launching their targeted phishing attacks. 

The AP Stylebook is a widely popular guide for grammar enthusiasts, used for a better insight in punctuations and writing styles by journalists, magazines and newsrooms.

About the Breach

The Associate press came up with a warning this week, informing AP Stylebook of their old third-party-managed site (no longer in use) that had apparently been under the hacker’s control between July 16 and July 22, 2023. The breach consequently led to the compromise of 224 customers’ data.

According to their report, the compromised data included customers’ personal information such as: 

  • Customer’s name 
  • Email address 
  • Residential address (street, city, state, zip code) 
  • Phone number 
  • User ID 
Also, customers who had registered to their tax-exempt IDs such as Social Security Number or Employer Identification Number, have also compromised their IDs in the breach. 

As stated by the AP, initial information regarding the possible breach reached them on July 20, 2023, when AP Stylebook users reported receiving phishing emails requesting that they update their credit card information. 

After learning of the phishing attack, the AP disabled their outdated site in order to stop any further attacks.

By the end of July, the company began warning AP Stylebook customers about the phishing attacks, informing them that the fraudulent mails were sent from 'support@getscore.my[.]id' with a subject similar to "Regarding AP Stylebook Order no. 07/20/2023 06:48:20 am." 

The Associated Press further advised AP Stylebook customers to reset their passwords upon their next login. 

With only 224 customers affected, this was hardly a significant data breach, however hackers who are always on the lookout for journalists' and media businesses' login information, make the breach noteworthy.

Acquiring illicit access to networks belonging to any media organization could consequently result in a variety of cyberattacks like extortion and ransomware attacks, data theft or even cyber espionage.

Some other examples of local or global media organizations that suffered a ransomware or cyberespionage attack includes News Corp, the Philadelphia Inquirer and the German newspaper Heilbronn Stimme.

Bangladeshi Hacker Group Targets Multiple Indian News Agencies

 

An update regarding the cyberattack on Alt News has brought up cybersecurity news in Indian media once more. After focusing on Indian news agency ANI News for a few hours, the threat actor group "Mysterious Team Bangladesh" has now listed the well-known Indian fact-checking website "Alt News" as its latest victim. 

The hacktivist group claims that the purported ANI News and Alt News cyberattacks are a part of their ongoing OpIndia23 campaign against the Indian media for allegedly inciting hatred and false information. 

ANI News is a news organisation with its main office in New Delhi. Mohammed Zubair and Pratik Sinha, two former IT engineers, launched the fact-checking website Alt News, a non-profit organisation in India. 

Both organisations' websites were reachable at the time of writing. A number of cyberattacks on international targets included the claimed Alt News hack. 

Mysterious Team shared the hashtags "opindia23," "counterattack," and "OpTerrorismCountry" along with the Telegram message. The group has accounts on several social media networks and has 1,283 Telegram subscribers. 

The bio for the gang on its Twitter account, where they frequently discuss the specifics of their attacks and victims, reads, "We are cyber warriors of Bangladesh." 

Along with articles on hacking and cyberattacks, the group also publishes the names of other hackers. A name that came up was "_barbby," who according to his biography is a journalist and a human rights advocate. There were two hashtags on the profile: OpIsrael and FreePalestine.

In the bio of another hacker, YourAnonRiots, it was said, "Our mission is global peace." The profile's hashtag was HackThePlanet, which appears to be the case in light of the hacking attacks on numerous government and other organisation websites. Your Anon Story, MCA Ops, and Saudi Exile were the other hackers that had been identified.

In the past 24 hours, the Mysterious Team Bangladesh group has also listed TV7 Israel News, Uniurdu, an Urdu-language news website, and Univarta, a Hindi-language news website, as victims. Furthermore, the hacktivist group also targeted the website of The Press Trust of India.

Along with saying "Expect Us," the organisation also declared that it had attacked the Indian Computer Emergency Response Team. 

The Mysterious Team appears to be a sizable group made up of numerous hackers that use system weaknesses to get access. But nothing is known about their method of attack other than the fact that they effectively shut down the systems and publish screenshots of their hacks on their various social media platforms.