As of Monday it looks like the Wall Street Journal and Vice have been compromised by a Russian hacker group called w0rm. This follows an incident earlier this month where w0rm attacked CNET, claiming their goal was to improve Internet security as a whole.
w0rm posted a series of images to Twitter on Monday, indicating that they had user information and access to servers, which could be used to vandalize the website. Yesterday the Journal confirmed that they had been compromised, but said that they “see no evidence of any impact to Dow Jones customers or customer data.” They were alerted to the attack by an LA cybersecurity firm, and w0rm is offering to sell the information he took for 1 Bitcoin, which comes to $621.58.
Vice also confirmed to SC Magazine that a list of their CMS (Content Managemement System) users had been taken (a screenshot of the list appears in one of the tweets linked above).
This isn’t the first or most public instance of either organization being hacked. Last year the Syrian Electronic Army defaced part of Vice’s site, and last week the Journal’s Facebook page was used to post a false story claiming Air Force One had crashed.
What actually shocked me about this wasn’t that it happened, but my reaction to it, which was: not much at all. I guess the idea of media organizations getting hacked has just become a part of my new normal. Which possibly also means it's time for those organizations to take online security more seriously.