Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Washington Post Job Board Hacked: 1.27 Million Job Seekers Affected

The Washington Post has notified users of its job board that a recent a cyber attack has resulted in a data breach that compromised up to 1.27 million job seeker accounts.

The Washington Post said that the attack occurred in two brief episodes, once on June 27 and once on June 28, resulting in the attacker(s) getting hold of roughly 1.27 million user IDs and e-mail addresses. Passwords or other personal information were not compromised, the publisher said.

The Washington Post has notified users of its job board that a recent a cyber attack has resulted in a data breach that compromised up to 1.27 million job seeker accounts.

The Washington Post said that the attack occurred in two brief episodes, once on June 27 and once on June 28, resulting in the attacker(s) getting hold of roughly 1.27 million user IDs and e-mail addresses. Passwords or other personal information were not compromised, the publisher said.

“We quickly identified the attack and took action to shut it down,” the Washington Post said. “We also have implemented additional measures to prevent against a similar attack in the future, and we are pursuing the matter with law enforcement. In addition, we are conducting a thorough audit of the security of the Jobs site.”

According to Josh Shaul, CTO of Application Security, Inc. this database breach is a big deal for those affected. “Their information is stored in that database because they are looking for work. They’re so susceptible to spear phishing – it’s impossible to resist looking into the legit looking emails that come in offering you the opportunity to work,” Shaul said. “It could also be a problem for the people who have jobs and are out looking for better ones. Nobody wants their boss getting ahold of that info – the list could be used to blackmail people as well.”

Just over a week ago, Gannett Government Media, publisher of several high profile publications catering to the military and government sectors, was the victim of a recent a cyber attack, resulting in files containing information including first and last name, userID, password, email address, and customer numbers for its subscribers.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...