The
global press release distribution firm PR Newswire has admitted to a
large-scale breach, in which usernames and passwords were stolen – but
claims hackers have not sent out “fake” releases, which can be used to
manipulate financial markets or cause other disruption.
The breach was uncovered by security reporter Brian Krebs, and reported on his blog, Krebs on Security. Krebs
says that the breach is tied to the attackers who broke into Adobe’s
systems – the stolen data was found on the same servers that hosted
source code stolen from Adobe.
Krebs says that the stolen data appears to date from March. PR
Newswire is alerting affected customers and initiating password resets.
Ten thousand accounts were on the database, and these appear to be firms
in Europe, the Midle East and Africa, Krebs said.PR Newswire says that the data has not been used to send out “fake” press releases – a highly powerful tool in the hands of criminals.
Last week, Cision AB, a press-release company, published a
“completely false” release about Samsung buying a small biometrics firm.
The news was republished around the world, and shares in the company
soared. The case is currently being investigated by police, according to
a report by Engadget.
“There has been no major fallout, but the ramifications could have
been serious. If a hacker compromised a PR Newswire account and began
disseminating false information, it could seriously affect the share
price of the related firm,” said TechWeekEurope in a report.
“PR Newswire has protocols and redundancies in place that
are designed to minimize the risk of distributing fraudulent press
releases, including both technological and human safeguards prior to
issuing any release,” the company said in a statement.
“The database contains approximately 10,000 records; however, there
is only a minority of active users on this database. Those users
represent an even smaller number of customers, as each customer
generally has multiple usernames. PR Newswire decided to implemented a
mandatory password reset for all customers with accounts on this
database as a precautionary measure.”
The data stolen from PR Newswire was tiny in comparison to the breach suffered by Adobe, which ESET researcher Stephen Cobb described as “unprecedented”
– not only did the attackers gain access to 2.9 million usernames and
encrypted passwords, source code was also stolen for Adobe products.
Cobb said that this attack was, “pretty much unprecedented” in terms of the potential risks it posed.
“We have seem previous breaches of customer information
that were bigger than this, but if, as Brian Krebs suggests, the source
code of Adobe Acrobat has been compromised, that would be pretty much
unprecedented.”
“According to Adobe’s own figures, there are hundreds of millions of
instances of Adobe Reader and Acrobat, across all major computing
platforms, including Windows, Mac, iOS and Android,” Cobb says. Access
to the source code could be a major asset for cybercriminals looking to
target those platforms.Krebs claims that Adobe and PR Newswire are by no means the only companies targeted by this group – and says further revelations are forthcoming.
No comments:
Post a Comment