EurekAlert site down after ‘serious breach’ sees hackers leak embargoed studies on Twitter
Usernames and passwords of registrants compromised but financial information of subscribers believed to be safe.
The popular science news journal site EurekAlert, is down after a major breach saw hackers leak embargoed news releases and studies on Twitter. EurekAlert said they were notified of a “potential breach” on 11 September, which sparked an investigation. It was later uncovered that the site underwent “an aggressive attack” on 9 September.
The site’s registrants’ usernames and passwords are believed to have been compromised. However, EurekAlert stressed that financial information of subscribers and subscribing institutions are not stored on the site, indicating that, that particular data set may not have been affected by the breach. At the time of writing, the site still remains down. EurekAlert said their team was working to “bring the site back online as soon as we can ensure that vulnerabilities have been eliminated”.
“The EurekAlert! website has been taken offline as AAAS works diligently to address a serious security breach. We are taking this step out of an abundance of caution. The integrity of content on our website is of the utmost concern to us. As we were working to implement a secure password-reset protocol for all registrants, the unknown hacker publicly released an embargoed EurekAlert! news release. We then decided to bring the site down immediately, to protect other embargoed content,” said Ginger Pinholster, Chief Communications Officer and Director for AAAS (the American Association for the Advancement of Science).
Source | ibtimes