Security Experts:

Fast Company Hack Impacts Website, Apple News Account

American business magazine Fast Company has confirmed that its Apple News account was hijacked after hackers compromised its content management system (CMS).

The monthly magazine focuses on business, technology, and design. In addition to its online version, the magazine publishes six print issues each year.

On Tuesday evening, Apple News took it to Twitter to announce that Fast Company’s account was suspended after hackers had used it to post two offensive messages.

“An incredibly offensive alert was sent by Fast Company, which has been hacked. Apple News has disabled their channel,” Apple News said.

A few hours later, Fast Company confirmed via Twitter that its Apple News account was hijacked after hackers had gained access to its CMS.

“Fast Company's Apple News account was hacked on Tuesday evening. Two obscene and racist push notifications were sent about a minute apart. The messages are vile and not in line with the content and ethos of Fast Company,” the magazine said.

The publication also announced that it had suspended both the feed and its website, which continues to be offline.

“To clarify: Fast Company’s content management system (CMS) was hacked on Tuesday evening, which impacted our Apple News alerts,” the company said.

The cyberattack is the second that Fast Company falls victim to within a matter of days. On Sunday, the magazine suffered a similar hack, which resulted in articles on the publication’s homepage being altered to include obscene language.

During the Tuesday incident, the attackers also left a message on Fast Company’s website to shame the publication for its poor remediation of the Sunday incident.

“Wow, Fast Company. Despite the public defacement of your site, which boasts millions of visitors, all you did was hastily change your database credentials, disable outside connections to the database server, and fix the articles,” part of the message read.

The hacker also claimed that Fast Company used a simple default password for multiple accounts, which allowed them to access sensitive data such as access tokens and API keys. The hacker also claimed to have stolen over 6,000 Fast Company employee records during the Sunday breach, but no customer records.

Related: Data Breach at Australian Telecoms Firm Optus Could Impact Up to 10 Million Customers

Related: Defense Giant Elbit Confirms Data Breach After Ransomware Gang Claims Hack

Related: LastPass Found No Code Injection Attempts Following August Data Breach

view counter