An unknown group of hackers hit the jobs section of the Washington Post website last week, making away with the personal information of more than 1.2 million users. In a FAQ posted this afternoon, reps for the Post sought to play down the extent of the hack, assuring users that the worst that they will probably weather is a series of spam emails, which should obviously be ignored (the spam emails, not the FAQ).
"[Y]ou should be aware that you may receive some unsolicited e-mail (spam) as a result of this incident," Post exec Beth Diaz wrote in a letter to users. "As a general matter, you should always avoid opening suspicious or unsolicited e-mail, never respond to or click any links in spam, and avoid providing personal or financial information in an e-mail – especially credit card information, bank account information, passwords, and ID numbers."
Still, this isn't particularly great news for the Post, or for other newspapers, which typically require online readers to fork over a small amount of personal information – usually an email address and name, and sometimes more – before registering on the site. Readers like to trust that that personal information will be kept safe, not left exposed to marauding groups of hackers, whomever those marauding groups of hackers may be.
Speaking of which: Is it possible, as Kyle Wagner coyly hints over at Gizmodo, that the Washington Post attack could be the work of Anonymous or any of the other members of the AntiSec campaign? Horizons readers will remember that Anonymous has been very active in recent weeks, hitting the online home of the Arizona Police Department, among other targets.
Answer: Sure, it's possible that Anonymous is behind the attack. It fits the bill for AntiSec, which has typically targeted large governmental and media outposts. But then again, no one has yet claimed credit for the attack, and claiming credit is something that Anonymous likes to do. Stay tuned for more.